Spirent CyberFlood vs Veracode comparison

Read 201 Veracode reviews

14,613 Views
9,530 Comparison Views

90% willing to recommend

Spirent CyberFlood

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 8, 2024

Veracode and Spirent CyberFlood compete in the cybersecurity domain. Spirent CyberFlood often seems to have the upper hand due to its superior feature set, despite the higher cost, which users find justifiable.

Features:Veracode is known for its comprehensive application security testing capabilities, robust support, and competitive pricing, catering specifically to application security needs. Spirent CyberFlood, on the other hand, stands out with extensive performance testing features, a wide array of simulation options, and high customization levels, focusing on both network and application performance.

Room for Improvement:Veracode could enhance its integration with other tools, refine its reporting features, and expand its user configuration options. Spirent CyberFlood users suggest improvements in configuration settings, better user feedback mechanisms, and a more streamlined setup process.

Ease of Deployment and Customer Service:Veracode offers a straightforward deployment process with reliable and quick customer service. Spirent CyberFlood provides a flexible deployment model but requires more setup time, with users indicating improvements needed in its support process.

Pricing and ROI:Veracode is valued for its cost-effectiveness and significant ROI, with clear value and reasonable setup costs. Spirent CyberFlood, associated with higher setup costs, is considered to offer good ROI for specific testing needs.

To learn more, read our detailed Spirent CyberFlood vs. Veracode Report (Updated: June 2025).

Spirent CyberFlood vs. Veracode

June 2025

Download the complete report

Helped 856,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Spirent CyberFlood

Ranking in Application Security Tools

47th

Ranking in Static Application Security Testing (SAST)

31st

Average Rating

8.4

Reviews Sentiment

6.6

Number of Reviews

Ranking in other categories

No ranking in other categories

Veracode

Ranking in Application Security Tools

2nd

Ranking in Static Application Security Testing (SAST)

2nd

Average Rating

8.2

Reviews Sentiment

7.0

Number of Reviews

201

Ranking in other categories

Container Security (8th), Software Composition Analysis (SCA) (3rd), Static Code Analysis (1st), Application Security Posture Management (ASPM) (2nd)

Mindshare comparison

As of June 2025, in the Application Security Tools category, the mindshare of Spirent CyberFlood is 0.2%, up from 0.1% compared to the previous year. The mindshare of Veracode is 9.2%, down from 10.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Application Security Tools

Featured Reviews

Jos Badimo

Director at BAMS

Test assurance improves compliance and products with good performance

The user interface could be improved to facilitate easier navigation. The most significant issue I encounter with the solution is the user interface. It would be beneficial if I could remain on one screen most of the time. Even if the system navigates me to another screen, it should effectively return me to the main screen.

Read full review

David-Robertson

Director Enterprise Architecture at Exeter Finance Corp.

Static scanning and software composition analysis are very helpful, but the usability needs improvement

Static scanning and software composition analysis are very helpful. My colleagues and I don't need to be experts on all of those ancillary things, so we can focus more on the business deliverables. They have a pretty good tool that allows me to run scans of my local integrated development environment. I can find a lot of those flaws a lot sooner than I would if I had to wait for these cloud-based scans. They've come out with some sort of automated fix feature. I haven't used it, but they gave us a demo of it, and that one looks promising. I don't know if it's ready for prime time yet.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The feature I find most valuable is the traffic generator."

"The testing compliance feature is particularly impressive."

"Our customers use it to check for unauthorized file transfer."

"CyberFlood's best features are its user-friendliness and scheduling function."

"CyberFlood is flexible."

"The most valuable features include the total developer experience, along with regulator exposure and DevOps pipeline. It encompasses everything as an enterprise solution."

"There are quite a few features that are very reliable, like the newly launched Veracode Pipelines Scan, which is pretty awesome. It supports the synchronous pipeline pretty well. We been using it out of the Jira plugin, and that is fantastic."

"Also, our customers benefited from the added security assurance of our applications, as they’ve been able to identify OWASP top-10 application vulnerabilities without a manual tester."

"In terms of application security best practices and guidance to our teams, their engineering staff is really excellent. They provide our developers with suggestions and they take those to heart. They've learned from the recommended remediation strategies provided by the Veracode security engineers. That makes all of their future code better."

"The visibility into application status helps reduce risk exposure for our software. Today, any findings provided by the DAST are reviewed by the developers and we have internal processes in place to correct those findings before there can be a release. So it absolutely does prevent us from releasing weak code."

"I don't have much experience with the solution yet. We're looking at integrating Manual Penetration Testing with JIRA and Bamboo and then building that into a CICD model, so the integration is the most valuable feature so far."

"Informs me of code security vulnerabilities. Bamboo build automation with Veracode API calls are used."

"The main feature, and one of the most important, is the static code analysis. We are able to complete an analysis of the security flaws with this platform. It's very good at helping us find and fix flaws."

More Veracode pros

Cons

"Sometimes, when you configure parameters the hardware can't run, it will get stuck at those points without telling you what happened. It would be helpful if the error reporting provided more details about why the test setting is not running. It would be nice if there were a space in the hardware module for you to add some external hardware for more rigorous testing."

"CyberFlood's accessibility and support for multiple browsers could be better."

"The user interface could be improved to facilitate easier navigation."

"The initial setup is not straightforward and can be quite challenging."

"I would also like to see updates on a more frequent schedule."

"The solution needs more ports, more speed, and more gigabytes."

"Veracode would benefit greatly from more training resources. The videos are great, but I would like more hands-on training writing a script, validating a script with a unit test in a different language, etc. That's something that would be very valuable."

"Its cost and the long scanning times for large applications are the areas for improvement."

"While Veracode is way ahead of its competitors on Gartner Magic Quadrant, it's a bit more expensive than Fortify. It's a good solution for the cost, but if we had a high budget, we would go with Checkmarx, which is much better than Veracode."

"Some important languages are not supported."

"Veracode's ability to fix flaws is less sophisticated than that of its competitors."

"The dynamic scanning feature works, but it doesn't work properly for some of our applications. It doesn't allow us to skip. They claim that we can do this, but it doesn't work when we're scanning the applications in real-time."

"It needs better controls to include/exclude specific sections when creating a report that can be shared externally with customers and prospects."

"Scheduling can be a little difficult. For instance, if you set up recurring scheduled scans and a developer comes in and says, "Hey, I have this critical release that happened outside of our normal release patterns and they want you to scan it," we actually have to change our schedule configuration and that means we lose the recurring scheduling settings we had."

More Veracode cons

Pricing and Cost Advice

"CyberFlood is reasonably priced."

"I think it's a great value. It's at a price point that a small company like mine can afford to use versus, if it was too exorbitant, I wouldn't be able to use this product. The cost of the license is small in comparison to the value it brings"

"Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background."

"Costs are reasonable. No special infrastructure is required and the license model is good."

"Veracode is a very expensive product."

"If you're licensing, and you're looking at licensing models, you might want to ask Veracode about their microservice, depending on the company. If you are a microservice architecture, I would suggest asking them about their microservice pricing. I would suggest that you evaluate that with your code and their other licensing model, which is like a lump sum in size of artifacts, and just make sure that you price that out with them, because there might be some tradeoffs that can be made in price."

"The cost of scanning code is cheaper. It's typically $0.50 per line of code. However, it's expensive to run a high-level process that would normally require a human security expert. For example, penetration testing costs about $1,000 per application for penetration testing. The cost of these features may be too high for smaller organizations. On the other hand, Veracode's interactive application security testing is fast and cheaper compared to other software."

"The pricing is a bit high."

"Compared to the typical software composition analysis solutions, Veracode is not so costly, although the static analysis part of it is a little costlier."

More Veracode pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.

See recommendations

856,873 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Manufacturing Company

16%

Computer Software Company

14%

Comms Service Provider

10%

Financial Services Firm

10%

Computer Software Company

17%

Financial Services Firm

16%

Manufacturing Company

Insurance Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What needs improvement with Spirent CyberFlood?

What is your primary use case for Spirent CyberFlood?

I have been using the solution for a year now. The customers I work with are focused on both custom test assurance and test automation. The solution is utilized in the financial services sector and...

What advice do you have for others considering Spirent CyberFlood?

The language barrier and time difference pose significant issues with customer support. The price is competitive. The biggest benefits I find are test assurance, the reliability of the test results...

Which gives you more for your money - SonarQube or Veracode?

SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use...

What do you like most about Veracode?

The SAST and DAST modules are great.

What is your experience regarding pricing and costs for Veracode?

The product’s price is a bit higher compared to other solutions. However, the tool provides good vulnerability and database features. It is worth the money.

Ixia BreakingPoint vs Spirent CyberFlood

Comparisons

Compared 76% of the time

Ixia BreakingPoint VE vs Spirent CyberFlood

Compared 24% of the time

More Spirent CyberFlood Competitors

SonarQube Server (formerly SonarQube) vs Veracode

Compared 19% of the time

Checkmarx One vs Veracode

Compared 10% of the time

GitHub Advanced Security vs Veracode

Compared 7% of the time

Fortify on Demand vs Veracode

Compared 4% of the time

Snyk vs Veracode

Compared 4% of the time

More Veracode Competitors

Product Reports

Application Security Tools

June 2025

Download Spirent CyberFlood product report

Download Veracode product report

May 2025

Also Known As

CyberFlood Virtual, Spirent Mu Dynamics Application Security Testing, Mu Dynamics Application Security Testing

Crashtest Security , Veracode Detect

Overview

Spirent’s revolutionary CyberFlood security and application testing solution is now available as a virtual platform offering you simplified use, by consolidating multiple test functions into a completely virtual test environment.

Spirent

Veracode is a leading provider of application security solutions, offering tools to identify, mitigate, and prevent vulnerabilities across the software development lifecycle. Its cloud-based platform integrates security into DevOps workflows, helping organizations ensure that their code remains secure and compliant with industry standards.

Veracode supports multiple application security testing types, including static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), and manual penetration testing. These tools are designed to help developers detect vulnerabilities early in development while maintaining speed in deployment. Veracode also emphasizes scalability, offering features for enterprises that manage a large number of applications across different teams. Its robust reporting and analytics capabilities allow organizations to continuously monitor their security posture and track progress toward remediation.

What are the key features of Veracode?

Static Analysis (SAST) - Scans source code for vulnerabilities before deployment.
Dynamic Analysis (DAST) - Examines applications in a running state to detect flaws in real-time.
Software Composition Analysis (SCA) - Identifies risks in open-source libraries and third-party components.
Manual Penetration Testing - Offers expert analysis for more complex vulnerabilities.
Integrations with DevOps tools - Seamlessly integrates with CI/CD pipelines for automated security checks.

What benefits should users consider in Veracode reviews?

Early detection of vulnerabilities - Helps developers fix security issues early in the development process.
Scalability - Supports organizations with large-scale application portfolios.
Compliance support - Ensures applications meet various security standards and regulations.
Developer training - Provides tools for educating developers on secure coding practices.
Comprehensive reporting - Offers detailed reports that track remediation and risk trends.

Veracode is widely adopted in industries like finance, healthcare, and government, where compliance and security are critical. It helps these organizations maintain strict security standards while enabling rapid development through its integration with Agile and DevOps methodologies.

Veracode helps businesses secure their applications efficiently, ensuring they can deliver safe and compliant software at scale.

Sample Customers

Digicel

Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.