We performed a comparison between Fortify on Demand and Spirent CyberFlood based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Provides good depth of scanning and we get good results."
"The SAST feature is the most valuable."
"The user interface is good."
"One of the valuable features is the ability to submit your code and have it run in the background. Then, if something comes up that is more specific, you have the security analyst who can jump in and help, if needed."
"The UL is easy to use compared to that of other tools, and it is highly reliable. The findings provide a lower number of false positives."
"While using Micro Focus Fortify on Demand we have been very happy with the results and findings."
"The scanning capabilities, particularly for our repositories, have been invaluable."
"The quality of application security testing reduces risk and gives very few false positives."
"Our customers use it to check for unauthorized file transfer."
"CyberFlood's best features are its user-friendliness and scheduling function."
"CyberFlood is flexible."
"The feature I find most valuable is the traffic generator."
"It could have a little bit more streamlined installation procedure. Based on the things that I've done, it could also be a bit more automated. It is kind of taking a bunch of different scanners, and SSC is just kind of managing the results. The scanning doesn't really seem to be fully integrated into the SSC platform. More automation and any kind of integration in the SSC platform would definitely be good. There could be a way to initiate scans from SSC and more functionality on the server-side to initiate desk scans if it is not already available."
"The UI could be better. Fortify should also suggest new packages in the product that can be upgraded. Currently, it shows that, but it's not visible enough. In future versions, I would like more insights about the types of vulnerabilities and the pages associated with the exact CVE."
"Sometimes when we run a full scan, we have a bunch of issues in the code. We should not have any issues."
"Integration to CI/CD pipelines could be improved. The reporting format could be more user friendly so that it is easy to read."
"The thing that could be improved is reducing the cost of usage and including some of the most pricey features, such as dynamic analysis and that sort of functionality, which makes the difference between different types of tools."
"The Visual Studio plugin seems to hang when a scan is run on big projects. I would expect some improvements there."
"They have a release coming out, which is full of new features. Based on their roadmap, there's nothing that I would suggest for them to put in it that they haven't already suggested. However, I am a customer, so I always think the pricing is something that could be improved. I am working with them on that, and they're very flexible. They work with their customers and kind of tailor the product to the customer's needs. So far, I am very happy with what they're able to provide. Their subscriptions could use a little bit of a reworking, but that would be about it."
"It natively supports only a few languages. They can include support for more native languages. The response time from the support team can also be improved. They can maybe include video tutorials explaining the remediation process. The remediation process is sometimes not that clear. It would be helpful to have videos. Sometimes, the solution that the tool gives in the GUI is not straightforward to understand for the developer. At present, for any such issues, you have to create a ticket for the support team and request help from the support team."
"Sometimes, when you configure parameters the hardware can't run, it will get stuck at those points without telling you what happened. It would be helpful if the error reporting provided more details about why the test setting is not running. It would be nice if there were a space in the hardware module for you to add some external hardware for more rigorous testing."
"CyberFlood's accessibility and support for multiple browsers could be better."
"I would also like to see updates on a more frequent schedule."
"The solution needs more ports, more speed, and more gigabytes."
Fortify on Demand is ranked 11th in Application Security Tools with 56 reviews while Spirent CyberFlood is ranked 33rd in Application Security Tools with 4 reviews. Fortify on Demand is rated 8.0, while Spirent CyberFlood is rated 8.4. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Spirent CyberFlood writes "I like the solution's flexibility". Fortify on Demand is most compared with SonarQube, Checkmarx One, Veracode, Coverity and Fortify WebInspect, whereas Spirent CyberFlood is most compared with Ixia BreakingPoint and Ixia BreakingPoint VE. See our Fortify on Demand vs. Spirent CyberFlood report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.