We performed a comparison between Spirent CyberFlood and Veracode based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The feature I find most valuable is the traffic generator."
"Our customers use it to check for unauthorized file transfer."
"CyberFlood is flexible."
"CyberFlood's best features are its user-friendliness and scheduling function."
"The Security Labs [is] where I have the developers training and constantly improving their security, and remembering their security techniques. That way, they are more proactive and make sure things are correct. They're faster because they're doing it in the first place."
"Provides consistent evaluation and results without huge fluctuations in false positives or negatives."
"The pricing is worth it."
"The benefits are quick discovery and understanding of software vulnerabilities that we are putting in our own code. By discovering them quickly enough, we can triage them and determine the best ways to remediate them and prevent them from happening in the future."
"Static Scanning is the most valuable feature of Veracode."
"The security team can track the remediation and risk acceptance statistics."
"It gives feedback to developers on the effectiveness of their secure coding practices."
"It gives me an idea about the most important vulnerabilities and fast remediation tips."
"I would also like to see updates on a more frequent schedule."
"The solution needs more ports, more speed, and more gigabytes."
"CyberFlood's accessibility and support for multiple browsers could be better."
"Sometimes, when you configure parameters the hardware can't run, it will get stuck at those points without telling you what happened. It would be helpful if the error reporting provided more details about why the test setting is not running. It would be nice if there were a space in the hardware module for you to add some external hardware for more rigorous testing."
"They should improve on the static scanning time."
"Veracode doesn't really help you so much when it comes to fixing things. It is able to find our vulnerabilities but the remediation activities it does provide are not a straight out-of-the-box kind of model. We need to work on remediation and not completely rely on Veracode."
"Veracode scans provide a higher number of false positives."
"Once your report has been generated, you need to review the report with consultation team, especially if it is too detailed on the development side or regarding the language. Then, you need some professional help from their end to help you understand whatever has been identified. Scheduling consultation takes a longer time. So, if you are running multiple reports at the same time, then you need to schedule a multiple consultation times with one of their developers. There are few developers on their end who work can work with your developers, and their schedules are very tight."
"An area for improvement in Veracode is the time that it takes to scan large projects, as that makes it difficult to fit into our CI/CD pipelines."
"The negative that I found is that it has a subscription-based model."
"Mitigation review isn't always super easy."
"Veracode should make it easier to navigate between the solutions that they offer, i.e. between dynamic, static, and the source code analysis."
Spirent CyberFlood is ranked 33rd in Application Security Tools with 4 reviews while Veracode is ranked 2nd in Application Security Tools with 194 reviews. Spirent CyberFlood is rated 8.4, while Veracode is rated 8.2. The top reviewer of Spirent CyberFlood writes "I like the solution's flexibility". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Spirent CyberFlood is most compared with Ixia BreakingPoint and Ixia BreakingPoint VE, whereas Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and OWASP Zap. See our Spirent CyberFlood vs. Veracode report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.