TechValidate Research on Klocwork

6 Charts


Klocwork Customer Research

SAST Key Features Importance

How important would you say it is to…

Critical Very Important Important Somewhat Important Not Important
Have a consistent pricing model from your Static Application Security Testing (SAST) tool vendor

16%

47%

28%

7%

2%

Have a SAST tool that can be executed via flexible deployment options (Desktop/IDE/CI/Cloud/Containers)

26%

42%

25%

2%

5%

Have customizable quality reports and analysis

17%

40%

32%

9%

2%

Get accurate and clean of noise reports

45%

44%

9%

2%

0%

Klocwork Customer Research

SAST Tools Key Required Capabilities

Please rate your level of agreement: For static code analysis tools, key features include:

Strongly agree Agree Neither agree nor disagree Disagree

The ease of setting up and running static code analysis
Integration into CI/CD systems
Differential analysis for speed and efficiency
The ability to support huge codebases
Support for all coding languages that we use
No need to pre-process code prior to scanning

Klocwork Customer Research

Which vendors did you evaluate or replace prior to selecting Perforce SAST Tools?

Which vendors did you evaluate or replace prior to selecting Perforce SAST Tools?

SonarSource/SonarQube
63%
Coverity (Synopsis)
48%
Parasoft
33%
Fortify
30%

Klocwork Customer Research

Which of the following enterprise console and reporting framework capabilities do you value the most?

Prioritize defects based on severity, location, and lifecycle
76%
Distinguish new issues from legacy code issues
72%
View trending and metrics data for project quality and compliance
61%
Compliance and security reports
54%
Defining global or project-specific QA and security objectives and rule configurations
54%
Control access permissions and approval workflows
28%
Push backlog issues to Change Control systems
20%

Klocwork Customer Research

Which security and safety coding standards coverage is the most important for you?

Which security and safety coding standards coverage is the most important for you?

MISRA,
73%
CERT
58%
AUTOSAR C++ 14,
38%
OWASP
27%
CWE Top25
23%
JSF AV C++
15%
ISO/IEC TS 17961
13%
DISA STIG
8%
PCI DSS
4%

Klocwork Customer Research

How important would you say it is to…

Critical Very Important Important Somewhat Important Not Important
Get accurate and clean of noise reports

45%

44%

9%

2%

0%

Have customizable quality reports and analysis

17%

40%

32%

9%

2%

Have a consistent pricing model from your Static Application Security Testing (SAST) tool vendor

16%

47%

28%

7%

2%




More Research on Klocwork