We performed a comparison between Mend.io and Spirent CyberFlood based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the unified JAR to scan for all langs (wss-scanner jar)."
"The inventory management as well as the ability to identify security vulnerabilities has been the most valuable for our business."
"The most valuable features are the reporting, customizing libraries "In-house, White list, license selection", comparing the products/projects, and License & Copyright resolution."
"We can take some measures to improve things, replace a library, or update a library which was too old or showed severe bugs."
"Mend has reduced our open-source software vulnerabilities and helped us remediate issues quickly. My company's policy is to ensure that vulnerabilities are fixed before it gets to production."
"For us, the most valuable tool was open-source licensing analysis."
"The solution boasts a broad range of features and covers much of what an ideal SCA tool should."
"Attribution and license due diligence reports help us with aggregating the necessary data that we, in turn, have to provide to satisfy the various licenses copyright and component usage disclosures in our software."
"Our customers use it to check for unauthorized file transfer."
"The feature I find most valuable is the traffic generator."
"CyberFlood's best features are its user-friendliness and scheduling function."
"CyberFlood is flexible."
"On the reporting side, they could make some improvements. They are making the reports better and better, but sometimes it takes a lot of time to generate a report for our entire organization."
"Needs better ACL and more role definitions. This product could be used by large organisations and it definitely needs a better role/action model."
"The dashboard UI and UX are problematic."
"WhiteSource only produces a report, which is nice to look at. However, you have to check that report every week, to see if something was found that you don't want. It would be great if the build that's generating a report would fail if it finds a very important vulnerability, for instance."
"The UI is not that friendly and you need to learn how to navigate easily."
"The only thing that I don't find support for on Mend Prioritize is C++."
"I would like to have an additional compliance pack. Currently, it does not have anything for the CIS framework or the NIST framework. If we directly run a scan, and it is under the CIS framework, we can directly tell the auditor that this product is now CIS compliant."
"Some detected libraries do not specify a location of where in the source they were matched from, which is something that should be enhanced to enable quicker troubleshooting."
"CyberFlood's accessibility and support for multiple browsers could be better."
"Sometimes, when you configure parameters the hardware can't run, it will get stuck at those points without telling you what happened. It would be helpful if the error reporting provided more details about why the test setting is not running. It would be nice if there were a space in the hardware module for you to add some external hardware for more rigorous testing."
"I would also like to see updates on a more frequent schedule."
"The solution needs more ports, more speed, and more gigabytes."
Mend.io is ranked 5th in Application Security Tools with 29 reviews while Spirent CyberFlood is ranked 33rd in Application Security Tools with 4 reviews. Mend.io is rated 8.4, while Spirent CyberFlood is rated 8.4. The top reviewer of Mend.io writes "Easy to use, great for finding vulnerabilities, and simple to set up". On the other hand, the top reviewer of Spirent CyberFlood writes "I like the solution's flexibility". Mend.io is most compared with SonarQube, Black Duck, Snyk, Checkmarx One and Veracode, whereas Spirent CyberFlood is most compared with Ixia BreakingPoint and Ixia BreakingPoint VE. See our Mend.io vs. Spirent CyberFlood report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.