--- description: Review of Klocwork Software: system overview, features, price and cost information. Get free demos and compare to similar programs on Software Advice New Zealand. image: https://gdm-localsites-assets-gfprod.imgix.net/images/software_advice/og_logo-55146305bbe7b450bea05c18e9be9c9a.png title: Klocwork | Reviews, Pricing & Demos - SoftwareAdvice NZ --- Breadcrumb: [Home](/) > [Static Application Security Testing (SAST) Software](/directory/4429/sast/software) > [Klocwork](/software/234817/klocwork) # Klocwork Canonical: https://www.softwareadvice.co.nz/software/234817/klocwork Page: 1 / 2\ Next: [Next page](https://www.softwareadvice.co.nz/software/234817/klocwork?page=2) > Klocwork is a web-based static application security testing (SAST software designed to help businesses identify and fix software security issues in compliance with security standards such as OWASP, CWE, PCI DSS, CERT and ISO/IEC TS 17961 and DISA STIG. It offers differential analysis, which lets IT professionals analyze files using system context data through the Klocwork Server. DevOps teams using Klocwork can control access permissions, manage approval workflows, generate compliance and security reports, display metrics and trending data and prioritize defects on the basis of severity, lifecycle and location. Containerized builds enable managers to use internal or external cloud services to streamline code analysis. Additionally, businesses can integrate the system with various architectural enforcement and visualization tools. Klocwork offers plugins for a variety of IDEs including Eclipse, Microsoft Visual Studio, IntelliJ and more. Custom rules can be implemented using the graphical custom checker creation tool. > > Verdict: Rated **4.6/5** by 8 users. Top-rated for **Likelihood to recommend**. ----- ## Quick Stats & Ratings | Metric | Rating | Detail | | **Overall** | **4.6/5** | 8 Reviews | | Ease of Use | 3.9/5 | Based on overall reviews | | Customer Support | 4.4/5 | Based on overall reviews | | Value for Money | 4.5/5 | Based on overall reviews | | Features | 4.5/5 | Based on overall reviews | | Recommendation percentage | 80% | (8/10 Likelihood to recommend) | ## About the vendor - **Company**: Perforce - **Location**: Minneapolis, US - **Founded**: 2000 ## Commercial Context - **Pricing model**: Per Feature (Free version available) (Free Trial) - **Pricing Details**: Contact Perforce Software for pricing details. - **Target Audience**: 51–200, 201–500, 501–1,000, 1,001–5,000, 5,001–10,000, 10,000+ - **Deployment & Platforms**: Cloud, SaaS, Web-based - **Supported Languages**: English - **Available Countries**: United States ## Features - API - Access Controls/Permissions - Activity Dashboard - Activity Tracking - Alerts/Notifications - Application Security - Audit Trail - Backlog Management - Bug Tracking - Bug/Issue Capture - Collaboration Tools - Custom Development - Dashboard - Data Visualisation - Debugging - For Developers - Integrated Development Environment - Issue Management - Issue Tracking - Mobile Development ## Integrations (6 total) - Helix QAC - Incredibuild - Jenkins - Microsoft Visual Studio - Perforce ALM - Secure Code Warrior ## Support Options - Chat ## Category - [Static Application Security Testing (SAST) Software](https://www.softwareadvice.co.nz/directory/4429/sast/software) ## Related Categories - [Static Application Security Testing (SAST) Software](https://www.softwareadvice.co.nz/directory/4429/sast/software) - [Bug Tracking Software](https://www.softwareadvice.co.nz/directory/4721/bug-tracking/software) - [App Development Software](https://www.softwareadvice.co.nz/directory/4499/app-development/software) ## Alternatives 1. [SonarQube](https://www.softwareadvice.co.nz/software/182719/sonarqube) — 4.5/5 (66 reviews) 2. [Jsmon](https://www.softwareadvice.co.nz/software/528998/Jsmon) — 4.8/5 (5 reviews) 3. [GitHub](https://www.softwareadvice.co.nz/software/397820/github) — 4.8/5 (6155 reviews) 4. [Aikido Security](https://www.softwareadvice.co.nz/software/433685/aikido) — 4.7/5 (6 reviews) 5. [GitLab](https://www.softwareadvice.co.nz/software/28004/gitlab) — 4.6/5 (1215 reviews) ## Reviews ### "It's a source code analysis tool. You can feed it either a piece of code up to a full build with tho" — 4.0/5 > **Fred** | *2 February 2018* > > **Pros**: Klocwork is great at finding software defects such as array and buffer out of bounds violations, Null pointer dereferences, unreachable code, memory leaks, unused variables, etc. If the build is setup correctly, the tool often produces accurate results. Customers have complimented us with our findings as we were able to point out significant issues in their software. Klocwork can be used on incremental builds and it will determine which warnings are new, unchanged, or fixed since the last run. The tool has very descriptive warnings and great documentation with examples to use. Their website also contains mappings from their checker warnings to industry coding standards such as MISRA and others. > > **Cons**: It doesn't have a user friendly interface for running the tool. Although it won't prevent you from running it on any piece of code or software build, the tool produces much less false positives when the input build is setup properly, which often requires some effort. Klocwork is run via command line, so the user must have knowledge of the necessary commands, command line arguments, and configuration setup. Although the results can be viewed through the Klocwork Insight Review web interface, there is no easy way for the user to export the data to a spreadsheet for offline viewing and analysis. ----- ### "Great at finding true positive issues in source code without needing to compile" — 5.0/5 > **Randall** | *15 January 2018* | Recommendation rating: 9.0/10 > > **Pros**: Klocwork works great with source code whether a complete or partial build. Easy to run the tool with minimal setup work. Tool has a higher chance of producing true positives vs false positives if setup right. Checker warnings are easy to understand and there is decent documentation explaining what each checker does. Klocwork Insight's web interface is easy to work with and provides a little help for tracing issues. Klocwork's Checker Studio enables users to create their own custom checkers, which are easy to deploy. The tool is great at finding critical issues in code, especially for buffer overflows, array out of bounds, null pointer dereferences, and dead code. The tool also maintains history of builds run and does build comparisons on each run for it to flag what warnings are new or not. > > **Cons**: Running the tool for us is usually done on a Unix server via command line, which users have expressed they would not prefer to a GUI. There is no easy way to extract the results from the tool to an Excel spreadsheet, but there are ways around it via scripting. There is no good documentation on Checker Studio, on how to create checkers, especially on how to program in KAST, even more so for Path checkers. > > This tool provided my company an easy means to find code defects on partial and full source code builds. The results of the tool have been very good. Although manual analysis is still required to determine which issues the customer are interested in, the time invested in setting up, running the tool, and manually analyzing the results, is well worth it. ----- ### "Powerful tool, but..." — 4.0/5 > **Verified Reviewer** | *2 May 2020* | Computer & Network Security | Recommendation rating: 5.0/10 > > **Pros**: Klocwork is a powerful static code checker. It helps to improve code global quality and to early detect errors. > > **Cons**: But it is a litte bit tricky to customize. Learning curve is not so short. ----- ### "Klocwork SAST REVIEW" — 5.0/5 > **akash** | *20 January 2023* | Information Services | Recommendation rating: 10.0/10 > > **Pros**: less false positive and on the fly analysis > > **Cons**: interface of the dashboard and few extra added features > > very good ----- ### "Very good in checking run time problems \!\!" — 5.0/5 > **Devendra** | *26 December 2018* | Information Technology & Services | Recommendation rating: 9.0/10 > > **Pros**: For our project we would like check run time issues like Divided by Zero, Array out of Bounds, Null pointer issues and so on. Klocwork is very good in this and has some good number of checkers for these problems. In addition to this Klocwork has direct plugin availability to lot of IDE's which will be helpful for all the developers. > > **Cons**: I would say that Klocwork has almost all good features as per my experience. > > As our main case is to detect some run time issues and using Klocwork we are getting these issues. ----- Page: 1 / 2\ Next: [Next page](https://www.softwareadvice.co.nz/software/234817/klocwork?page=2) ## Links - [View on SoftwareAdvice](https://www.softwareadvice.co.nz/software/234817/klocwork) ## This page is available in the following languages | Locale | URL | | de | | | en | | | en-AU | | | en-GB | | | en-IE | | | en-NZ | | ----- ## Structured Data