We performed a comparison between Spirent CyberFlood and Veracode based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The feature I find most valuable is the traffic generator."
"CyberFlood is flexible."
"CyberFlood's best features are its user-friendliness and scheduling function."
"Our customers use it to check for unauthorized file transfer."
"Within SCA, there is an extremely valuable feature called vulnerable methods. It is able to determine within a vulnerable library which methods are vulnerable. That is very valuable, because in the vast majority of cases where a library is vulnerable, none of the vulnerable methods are actually used by the code. So, if we want to prioritize the way open source libraries are updated when a library is found vulnerable, then we want to prioritize the libraries which have vulnerable methods used within the code."
"It allows us to prove our security levels to vendors, and additionally helps us with our HIPAA security policies."
"I appreciate the integration provided by Veracode that seamlessly integrates with our CI/CD tools and allows us to integrate with IPA as well."
"The most valuable feature is the efficiency of the tool in finding vulnerabilities."
"Veracode is very easy to use."
"Static Scanning is the most valuable feature of Veracode."
"The analysis of the vulnerabilities and the results are the most valuable features."
"I can have quick results by just uploading compiled components."
"The solution needs more ports, more speed, and more gigabytes."
"I would also like to see updates on a more frequent schedule."
"CyberFlood's accessibility and support for multiple browsers could be better."
"Sometimes, when you configure parameters the hardware can't run, it will get stuck at those points without telling you what happened. It would be helpful if the error reporting provided more details about why the test setting is not running. It would be nice if there were a space in the hardware module for you to add some external hardware for more rigorous testing."
"Veracode can be slow at times and has room for improvement, which may cause delays in our products and prolonged static scans."
"The static scans on Java lack microservices architecture scanning. We have developed an in-house pattern for this and the scans can't take care of it as a single entity."
"We get some false positives with JavaScript languages like React, TypeScript, and Angular. The problem is rooted in the build process of JavaScript, not the code we are using. This is something we spend lots of time trying to resolve. When we point to a specific library and review that on the code, we can see it is a part of the build that isn't going into production. It's only a part of the build because JavaScript has a different build process."
"To be able to upload source codes without being compiled. That’s one feature that drives us to see other sources."
"The negative that I found is that it has a subscription-based model."
"It should include more informational, low level, vulnerability summaries and groupings. Large related groups of low level vulnerabilities may amount to a design flaw or another avenue for attack."
"There are times when certain modules cannot be scanned automatically, requiring us to manually select these modules and initiate the scanning process on our side."
"Veracode's SAST, DAST, and SCA are pretty good with respect to industry standards, but with regard to container security, they are in either beta or alpha testing. They need to get that particular feature up and running so that they take care of the container security part."
Spirent CyberFlood is ranked 33rd in Application Security Tools with 4 reviews while Veracode is ranked 2nd in Application Security Tools with 194 reviews. Spirent CyberFlood is rated 8.4, while Veracode is rated 8.2. The top reviewer of Spirent CyberFlood writes "I like the solution's flexibility". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Spirent CyberFlood is most compared with Ixia BreakingPoint and Ixia BreakingPoint VE, whereas Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and Fortify Static Code Analyzer. See our Spirent CyberFlood vs. Veracode report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.