We performed a comparison between Fortify on Demand and Parasoft SOAtest based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most important feature of the product is to follow today's technology fast, updated rules and algorithms (of the product)."
"I don’t know of any other On-Demand enterprise solution like this one where we can load the details and within a few days, receive the results of intrusion attacks, and work with HP Security Experts when needed for clarification"
"Audit workbench: for on-the-fly defect auditing."
"Each bank may have its own core banking applications with proprietary support for different programming languages. This makes Fortify particularly relevant and advantageous in those cases."
"The most valuable features of Micro Focus Fortify on Demand have been SAT analysis and application security."
"It has saved us a lot of time as we focus primarily on programming rather than tool operational work."
"Fortify helps us to stay updated with the newest languages and versions coming out."
"We identified a lot of security vulnerability much earlier in the development and could fix this well before the product was rolled out to a huge number of clients."
"We have seen a return on investment."
"The solution is scalable."
"Generating new messages, based on the existing .EDN and .XML messages, is a crucial part or the testing project that I’m currently in."
"Automatic testing is the most valuable feature."
"Parasoft SOAtest has improved the quality of our automated web services, which can be easily implemented through service chaining and service virtualization."
"Technical support is helpful."
"They have a feature where they can record traffic and create tests on the report traffic."
"We can automate our scenarios in a data driven format, which shows there is no rework on scripts. We only need to update the test data and run for a number of scenarios."
"There are many false positives identified by the solution."
"They have a release coming out, which is full of new features. Based on their roadmap, there's nothing that I would suggest for them to put in it that they haven't already suggested. However, I am a customer, so I always think the pricing is something that could be improved. I am working with them on that, and they're very flexible. They work with their customers and kind of tailor the product to the customer's needs. So far, I am very happy with what they're able to provide. Their subscriptions could use a little bit of a reworking, but that would be about it."
"Reporting could be improved."
"Micro Focus Fortify on Demand can improve by having more graphs. For example, to show the improvement of the level of security."
"It lacks of some important features that the competitors have, such as Software Composition Analysis, full dead code detection, and Agile Alliance's Best Practices and Technical Debt."
"The Visual Studio plugin seems to hang when a scan is run on big projects. I would expect some improvements there."
"In terms of communication, they can integrate a few more third-party tools. It would be great if we can have more options for microservice communication. They can also improve the securability a bit more because security is one of the biggest aspects these days when you are using the cloud. Some more security features would be really helpful."
"It would be highly beneficial if Fortify on Demand incorporated runtime analysis, similar to how Contrast Security utilizes agents for proactive application security."
"Compatibility with HTTP 1.1 and TLS 1.2 needs to be improved."
"Reporting facilities can be better."
"Tuning the tool takes time because it gives quite a long list of warnings."
"The summary reports could be improved."
"Parasoft SOAtest has an internal refresh function where you can refresh the software to show the changes you’ve made in your projects. Unfortunately this function does not work properly, because it often does not show the changes after you’ve hit te refresh button a few times."
"Reports could be customized and more descriptive according to the user's or company's requirements."
"The feedback that we received from the DevOps of our organization was that the tool was a little heavy from the transformation perspective."
"The performance could be a bit better."
Fortify on Demand is ranked 9th in Static Application Security Testing (SAST) with 57 reviews while Parasoft SOAtest is ranked 29th in Static Application Security Testing (SAST) with 30 reviews. Fortify on Demand is rated 8.0, while Parasoft SOAtest is rated 8.2. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Parasoft SOAtest writes "Good API testing and RIT feature; clarity could be improved". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect, whereas Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and Tricentis Tosca. See our Fortify on Demand vs. Parasoft SOAtest report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.