We performed a comparison between Parasoft SOAtest and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Generating new messages, based on the existing .EDN and .XML messages, is a crucial part or the testing project that I’m currently in."
"Every imaginable source in the entire world of information technology can be accessed and used."
"Automatic testing is the most valuable feature."
"The testing time is shortened because we generate test data automatically with SOAtest."
"We can automate our scenarios in a data driven format, which shows there is no rework on scripts. We only need to update the test data and run for a number of scenarios."
"Parasoft SOAtest has improved the quality of our automated web services, which can be easily implemented through service chaining and service virtualization."
"They have a feature where they can record traffic and create tests on the report traffic."
"Since the solution has both command line and automation options, it generates good reports."
"We are mostly using it for scanning the entire website. So, we basically create a script with the entire website and then run it for different injections."
"The solution helped us discover vulnerabilities in our applications."
"You can download different plugins if you don't have them in the standard edition."
"Once I capture the proxy, I'm able to transfer across. All the requested information is there. I can send across the request to what we call a repeater, where I get to ready the payload that I send to the application. Put in malicious content and then see if it's responding to it."
"You can scan any number of applications and it updates its database."
"I am impressed with the tool's detailed analysis for penetration testing. AppScan can give only visibility, but it can't do the PT part. But the PortSwigger Burp Application can do both, and it gives much more visibility on the PT rating."
"PortSwigger Burp Suite does not hamper the node of the server, and it does not shut down the server if it is running."
"The solution is quite helpful for session management and configuration."
"Reporting facilities can be better."
"The performance could be a bit better."
"From an automation point of view, it should have better clarity and be more user friendly."
"Parasoft SOAtest has an internal refresh function where you can refresh the software to show the changes you’ve made in your projects. Unfortunately this function does not work properly, because it often does not show the changes after you’ve hit te refresh button a few times."
"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu."
"Tuning the tool takes time because it gives quite a long list of warnings."
"Compatibility with HTTP 1.1 and TLS 1.2 needs to be improved."
"Reports could be customized and more descriptive according to the user's or company's requirements."
"The one feature that I would like to see in Burp is active scanning of REST based web services. A lot of organizations are providing APIs to access their services to support different business models like SaaS. Scanning these APIs is still a challenge for many security product companies."
"The price could be better. The rest is fine."
"The initial setup is a bit complex."
"The pricing of the solution is quite high."
"There should be a heads up display like the one available in OWASP Zap."
"Mitigating the issues and low confluence issues needs some improvement. Implementing demand with the ChatGPT under the web solution is an additional feature I would like to see in the next release."
"In the Professional version, we cannot link it with the CI/CD process."
"The Auto Scanning features should be updated more frequently and should include the latest attack vectors."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Parasoft SOAtest is ranked 29th in Static Application Security Testing (SAST) with 30 reviews while PortSwigger Burp Suite Professional is ranked 5th in Static Application Security Testing (SAST) with 57 reviews. Parasoft SOAtest is rated 8.2, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Parasoft SOAtest writes "Good API testing and RIT feature; clarity could be improved". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and ReadyAPI, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning. See our Parasoft SOAtest vs. PortSwigger Burp Suite Professional report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.