Checkmarx One vs Parasoft SOAtest comparison

Cancel
You must select at least 2 products to compare!
Checkmarx Logo
31,565 views|20,243 comparisons
86% willing to recommend
Parasoft Logo
1,106 views|742 comparisons
92% willing to recommend
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Checkmarx One and Parasoft SOAtest based on real PeerSpot user reviews.

Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Checkmarx One vs. Parasoft SOAtest Report (Updated: May 2024).
772,679 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The solution improved the efficiency of our code security reviews. It helps tremendously because it finds hundreds of potential problems sometimes.""The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is complete.""The UI is user-friendly.""The ability to track the vulnerabilities inside the code (origin and destination of weak variables or functions).""The solution allows us to create custom rules for code checks.""The administration in Checkmarx is very good.""The main thing we find valuable about Checkmarx is the ease of use. It's easy to initiate scans and triage defects.""It gives the proper code flow of vulnerabilities and the number of occurrences."

More Checkmarx One Pros →

"The solution is scalable.""They have a feature where they can record traffic and create tests on the report traffic.""Parasoft SOAtest has improved the quality of our automated web services, which can be easily implemented through service chaining and service virtualization.""Automatic testing is the most valuable feature.""If you want something that’s not provided out of the box, then you can write it yourself and integrate it with SOAtest.""Since the solution has both command line and automation options, it generates good reports.""We do a lot of web services testing and REST services testing. That is the focus of this product.""The testing time is shortened because we generate test data automatically with SOAtest."

More Parasoft SOAtest Pros →

Cons
"The statistics module has a function that allows you to show some statistics, but I think it's limited. Maybe it needs more information.""Checkmarx needs to be more scalable for large enterprise companies.""With Checkmarx, normally you need to use one tool for quality and you need to use another tool for security. I understand that Checkmarx is not in the parity space because it's totally different, but they could include some free features or recommendations too.""I really would like to integrate it as a service along with the SAP HANA Cloud Platform. It will then be easy to use it directly as a service.""We are trying to find out if there is a way to identify the run-time null values. I am analyzing different tools to check if there is any tool that supports run-time null value identification, but I don't think any of the tools in the market currently supports this feature. It would be helpful if Checkmarx can identify and throw an exception for a null value at the run time. It would make things a lot easier if there is a way for Checkmarx to identify nullable fields or hard-coded values in the code. The accessibility for customized Checkmarx rules is currently limited and should be improved. In addition, it would be great if Checkmarx can do static code and dynamic code validation. It does a lot of security-related scanning, and it should also do static code and dynamic code validation. Currently, for security-related validation, we are using Checkmarx, and for static code and dynamic code validation, we are using some other tools. We are spending money on different tools. We can pay a little extra money and use Checkmarx for everything.""Checkmarx is not good because it has too many false positive issues.""I expect application security vendors to cover all aspects of application security, including SAST, DAST, and even mobile application security testing. And it would be much better if they provided an on-premises and cloud option for all these main application security features.""I would like to see the tool’s pricing improved."

More Checkmarx One Cons →

"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu.""Parasoft SOAtest has an internal refresh function where you can refresh the software to show the changes you’ve made in your projects. Unfortunately this function does not work properly, because it often does not show the changes after you’ve hit te refresh button a few times.""From an automation point of view, it should have better clarity and be more user friendly.""The product is very slow to start up, and that is a bit of a problem, actually.""The performance could be a bit better.""Reporting facilities can be better.""The summary reports could be improved.""Reports could be customized and more descriptive according to the user's or company's requirements."

More Parasoft SOAtest Cons →

Pricing and Cost Advice
  • "It is the right price for quality delivery."
  • "I believe pricing is better compared to other commercial tools."
  • "The pricing was not very good. This is just a framework which shouldn’t cost so much."
  • "The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security."
  • "It is a good product but a little overpriced."
  • "The license has a vague language around P1 issues and the associated support. Make sure to review these in order to align them with your organizational policies."
  • "​Checkmarx is not a cheap scanning tool, but none of the security tools are cheap. Checkmarx is a powerful scanning tool, and it’s essential to have one of these products."
  • "We got a special offer for a 30% reduction for three years, after our first year. I think for a real source-code scanning tool, you have to add a lot of money for Open Source Analysis, and AppSec Coach (160 Euro per user per year)."
  • More Checkmarx One Pricing and Cost Advice →

  • "From what I understand, Parasoft SOAtest isn't the cheapest option. But it has a lot to offer."
  • "The cost of Parasoft seems to have gotten higher with a projection that wasn't really stipulated for our company. They've done a tremendous job at negotiating those deals."
  • "I think it would be a great step to decrease the price of the licenses."
  • "It is an expensive product, so think carefully about whether it fits your purposes and is the right tool for you."
  • "We are completed satisfied with Parasoft SOAtest. The ROI is more than 95%."
  • "The license price is a little expensive, but it provides a better outcome in terms of the end-to-end automation process."
  • "They do have a confusing licensing structure."
  • "The price is around $5,000 USD."
  • More Parasoft SOAtest Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
    772,679 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
    Top Answer:Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
    Top Answer:The solution's price is high and you pay based on the number of users.
    Top Answer:Since the solution has both command line and automation options, it generates good reports.
    Top Answer:Tuning the tool takes time because it gives quite a long list of warnings. Going through that is a challenge. It only happens in the initial stage when we are setting up the tool, but it can be… more »
    Ranking
    Views
    31,565
    Comparisons
    20,243
    Reviews
    19
    Average Words per Review
    508
    Rating
    7.8
    Views
    1,106
    Comparisons
    742
    Reviews
    4
    Average Words per Review
    440
    Rating
    7.0
    Comparisons
    Also Known As
    SOAtest
    Learn More
    Overview

    Checkmarx One is an enterprise cloud-native application security platform focused on providing cross-tool, correlated results to help AppSec and developer teams prioritize where to focus time and resources.

    Checkmarx One offers comprehensive application scanning across the SDLC:

    • Static Application Security Testing (SAST)
    • Software Composition Analysis (SCA)
    • API security
    • Dynamic Application Security Testing (DAST)
    • Container security
    • IaC security
    • Correlation, prioritization, and risk management
    • Codebashing secure code training
    • AI security
    • Tech partnerships extending AppSec into runtime analysis
    • Developer tool integrations including: CI/CD tools, development frameworks, feedback tools, IDEs, programming languages and SCMs

    Checkmarx One provides everything you need to secure application development from the first line of code through deployment and runtime in the cloud. With an ever-evolving set of AppSec engines, correlation and prioritization features, and AI capabilities, Checkmarx One helps consolidate expanding lists of AppSec tools and make better sense of results. Its capabilities are designed to provide an improved developer experience to build trust with development teams and ensure the success of your AppSec program investment.

    Parasoft SOAtest delivers fully integrated API and web service testing capabilities that automate end-to-end functional API testing. Streamline automated testing with advanced codeless test creation for applications with multiple interfaces (REST & SOAP APIs, microservices, databases, and more).

    SOAtest reduces the risk of security breaches and performance outages by transforming functional testing artifacts into security and load equivalents. Such reuse, along with continuous monitoring of APIs for change, allows faster and more efficient testing.

    Sample Customers
    YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
    Charter Communications, Sabre, Caesars Entertainment, Charles Schwab, ING, Intel, Northbridge Financial, Capital Services, WoodmenLife
    Top Industries
    REVIEWERS
    Computer Software Company31%
    Financial Services Firm19%
    Comms Service Provider9%
    Manufacturing Company9%
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Computer Software Company15%
    Manufacturing Company9%
    Government5%
    REVIEWERS
    Financial Services Firm43%
    Government14%
    Manufacturing Company7%
    Energy/Utilities Company7%
    VISITORS READING REVIEWS
    Financial Services Firm30%
    Manufacturing Company15%
    Computer Software Company13%
    Government4%
    Company Size
    REVIEWERS
    Small Business38%
    Midsize Enterprise13%
    Large Enterprise50%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise12%
    Large Enterprise71%
    REVIEWERS
    Small Business22%
    Midsize Enterprise9%
    Large Enterprise69%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise8%
    Large Enterprise75%
    Buyer's Guide
    Checkmarx One vs. Parasoft SOAtest
    May 2024
    Find out what your peers are saying about Checkmarx One vs. Parasoft SOAtest and other solutions. Updated: May 2024.
    772,679 professionals have used our research since 2012.

    Checkmarx One is ranked 3rd in Static Application Security Testing (SAST) with 67 reviews while Parasoft SOAtest is ranked 29th in Static Application Security Testing (SAST) with 30 reviews. Checkmarx One is rated 7.6, while Parasoft SOAtest is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Parasoft SOAtest writes "Good API testing and RIT feature; clarity could be improved". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and ReadyAPI. See our Checkmarx One vs. Parasoft SOAtest report.

    See our list of best Static Application Security Testing (SAST) vendors.

    We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.