Rogue Wave Software

Klocwork

4.5 / 5 2 reviews


Average Ratings

2 Reviews
  • 4.5 / 5
    Overall
  • 3 / 5
    Ease of Use
  • 4.5 / 5
    Customer Service

Product Details

  • Starting Price
    Not provided by vendor
  • Free Version
    Yes
  • Deployment
    Cloud, SaaS, Web
  • Training
    Documentation
    Webinars
    Live Online
    In Person
  • Support
    Online
    Business Hours

Vendor Details

  • Rogue Wave Software
  • www.roguewave.com

About Klocwork

Application security and code analytics product that allows coders to catch product defects at the early stages of development.


Spotlight-media-placeholder

Klocwork Features

  • Access Control
  • Code Assistance
  • Collaboration
  • Debugging
  • Graphical User Interface
  • Mobile Development
  • Software Development
  • Testing Management
  • Version Control
  • Web Development
  • Backlog Management
  • Filtering
  • Issue Tracking
  • Release Management
  • Task Management
  • Ticket Management
  • Workflow Management

Klocwork Reviews Recently Reviewed!


Great at finding true positive issues in source code without needing to compile

Jan 14, 2018
5/5
Overall
3 / 5
Ease of Use
5 / 5
Features & Functionality
5 / 5
Customer Support
5 / 5
Value for Money
Likelihood to Recommend: 9.0/10 Not
Likely
Extremely
Likely

Pros: Klocwork works great with source code whether a complete or partial build. Easy to run the tool with minimal setup work. Tool has a higher chance of producing true positives vs false positives if setup right. Checker warnings are easy to understand and there is decent documentation explaining what each checker does. Klocwork Insight's web interface is easy to work with and provides a little help for tracing issues. Klocwork's Checker Studio enables users to create their own custom checkers, which are easy to deploy. The tool is great at finding critical issues in code, especially for buffer overflows, array out of bounds, null pointer dereferences, and dead code. The tool also maintains history of builds run and does build comparisons on each run for it to flag what warnings are new or not.

Cons: Running the tool for us is usually done on a Unix server via command line, which users have expressed they would not prefer to a GUI. There is no easy way to extract the results from the tool to an Excel spreadsheet, but there are ways around it via scripting. There is no good documentation on Checker Studio, on how to create checkers, especially on how to program in KAST, even more so for Path checkers.

Overall: This tool provided my company an easy means to find code defects on partial and full source code builds. The results of the tool have been very good. Although manual analysis is still required to determine which issues the customer are interested in, the time invested in setting up, running the tool, and manually analyzing the results, is well worth it.

Capterra-loader

It's a source code analysis tool. You can feed it either a piece of code up to a full build with tho

Feb 02, 2018
4/5
Overall
3 / 5
Ease of Use
4 / 5
Features & Functionality
4 / 5
Customer Support
5 / 5
Value for Money

Pros: Klocwork is great at finding software defects such as array and buffer out of bounds violations, Null pointer dereferences, unreachable code, memory leaks, unused variables, etc. If the build is setup correctly, the tool often produces accurate results. Customers have complimented us with our findings as we were able to point out significant issues in their software. Klocwork can be used on incremental builds and it will determine which warnings are new, unchanged, or fixed since the last run. The tool has very descriptive warnings and great documentation with examples to use. Their website also contains mappings from their checker warnings to industry coding standards such as MISRA and others.

Cons:

It doesn't have a user friendly interface for running the tool. Although it won't prevent you from running it on any piece of code or software build, the tool produces much less false positives when the input build is setup properly, which often requires some effort. Klocwork is run via command line, so the user must have knowledge of the necessary commands, command line arguments, and configuration setup. Although the results can be viewed through the Klocwork Insight Review web interface, there is no easy way for the user to export the data to a spreadsheet for offline viewing and analysis.