• Home
  • Parasoft SOAtest vs. Veracode

Parasoft SOAtest vs Veracode comparison

Cancel
You must select at least 2 products to compare!
Parasoft Logo
Parasoft SOAtest
Read 30 Parasoft SOAtest reviews
1,106 views|742 comparisons
92% willing to recommend
Veracode Logo
Veracode
Read 194 Veracode reviews
24,547 views|16,408 comparisons
90% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Parasoft SOAtest vs. Veracode
May 2024
Executive Summary

We performed a comparison between Parasoft SOAtest and Veracode based on real PeerSpot user reviews.

Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Parasoft SOAtest vs. Veracode Report (Updated: May 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Milind Parab
Useful for automated SQA, certifications, but the summary reports could improve
The tool is part of Automated Code Flow. It helps in SQA and Automotive Certification.
ShubhamSharma5
A very good tool for dynamic application testing, but its price is a little high
We have had challenges with security because developers come from different organizations and different backgrounds. They have different ways of... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"They have a feature where they can record traffic and create tests on the report traffic.""Since the solution has both command line and automation options, it generates good reports.""The testing time is shortened because we generate test data automatically with SOAtest.""We do a lot of web services testing and REST services testing. That is the focus of this product.""Every imaginable source in the entire world of information technology can be accessed and used.""The solution is scalable.""Technical support is helpful.""Good write and read files which save execution inputs and outputs and can be stored locally."

More Parasoft SOAtest Pros →

"Ours is a Java-based application and Veracode can detect vulnerabilities in both Angular, which is used for the UI, and also in the backend code, which includes APIs and microservices.""The dependency graph visualization provides the ability to see nested dependencies within libraries for pinpointing vulnerabilities.""We have such a wide variety of users for Veracode, including security champions, development leads, developers themselves, that the ease of use is really quite important, because we don't assume anything about what those people might already know, or need to know. It just makes it very useful for anyone who has to engage with it.""The main feature that I have found valuable is the solution's ability to find issues in static analysis. Additionally, there are plenty of useful tools.""Ad-hoc scanning during the development cycle and reports for audits are valuable features.""Provides the capability to track remediation and the handling of identified vulnerabilities.""What I found most valuable in Veracode is that it gives me a part-by-part report of the entire EAR file and lets me set up the application for a limited time. Once that expires, Veracode allows you to automatically renew it, which is one of the features I find remarkable in Veracode.""Veracode Fix is a new feature that functions similarly to auto-remediation for low or medium flaw codes."

More Veracode Pros →

Cons
"The performance could be a bit better.""Compatibility with HTTP 1.1 and TLS 1.2 needs to be improved.""Reports could be customized and more descriptive according to the user's or company's requirements.""UI testing should be more in-depth.""From an automation point of view, it should have better clarity and be more user friendly.""Tuning the tool takes time because it gives quite a long list of warnings.""The summary reports could be improved.""During the process of working with SOAtest and building test cases, the .TST files will grow. A negative side effect is that saving your changes takes more time."

More Parasoft SOAtest Cons →

"Straightforward to set up, but the configuration of the rules engine is difficult and complicated.""Improving sorting through findings reports to filter by only what is critically relevant will help developers focus on issues.""I do expect large applications with millions of lines of code to take a while, but it would be nice if there was a possibility to be able to have a baseline initial scan. I know that Veracode touts that there are Pipeline Scans that are supposed to take 90 seconds or less, and we've tried to do that ourselves with our ERP application. However, it actually times out after two hours of scanning. If the static scan itself or another option to run a lower tier scan can be integrated earlier on into our SDLC, it would be great. Right now, it takes so long that we usually leave it till a bit later in the cycle, whereas if it ran faster, we could push it to the time when a developer will be checking in code. That would make us feel a lot more confident that we'd be able to catch things almost instantaneously.""We connected with Veracode's support a couple of times, and we got a different answer each time.""I would like to see these features: entering comments for internal tracking; entering a priority; reports that show the above.""The solution does not support Dynamic Application Security Testing.""Veracode's false positives have room for improvement.""A high number of false positives are reported and this should be reduced."

More Veracode Cons →

Pricing and Cost Advice
  • "From what I understand, Parasoft SOAtest isn't the cheapest option. But it has a lot to offer."
  • "The cost of Parasoft seems to have gotten higher with a projection that wasn't really stipulated for our company. They've done a tremendous job at negotiating those deals."
  • "I think it would be a great step to decrease the price of the licenses."
  • "It is an expensive product, so think carefully about whether it fits your purposes and is the right tool for you."
  • "We are completed satisfied with Parasoft SOAtest. The ROI is more than 95%."
  • "The license price is a little expensive, but it provides a better outcome in terms of the end-to-end automation process."
  • "They do have a confusing licensing structure."
  • "The price is around $5,000 USD."

    • More Parasoft SOAtest Pricing and Cost Advice →

  • "Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background."
  • "The pricing is pretty high."
  • "The worst part about the product is that it does not scale at all. Also, microservices apps will cost you a fortune."
  • "I think licensing needs to be changed or updated so that it works with adjustments. Pricing is expensive compared to the amount of scanning we perform."
  • "It's worth the value"
  • "Pricing seems fair for what is offered, and licensing has been no problem. All developers are able to get the access they need."
  • "It can be expensive to do this, so I would just make sure that you're getting the proper number of licenses. Do your analysis. Make sure you know exactly what it is you need, going in."
  • "The licensing and prices were upfront and clear. They stand behind everything that is said during the commercial phase and during the onboarding phase. Even the most irrelevant "that can be done" was delivered, no matter how important the request was."

    • More Veracode Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Parasoft SOAtest?
    Top Answer:Since the solution has both command line and automation options, it generates good reports.
    Read all 6 answers   →
    What is your experience regarding pricing and costs for Parasoft SOAtest?
    Top Answer:The price is average. It isn't overly expensive.
    Read all 4 answers   →
    What needs improvement with Parasoft SOAtest?
    Top Answer:Tuning the tool takes time because it gives quite a long list of warnings. Going through that is a challenge. It only happens in the initial stage when we are setting up the tool, but it can be… more »
    Read all 6 answers   →
    Which gives you more for your money - SonarQube or Veracode?
    Top Answer:SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use… more »
    Read all 6 answers   →
    What do you like most about Veracode?
    Top Answer:The SAST and DAST modules are great.
    Read all 96 answers   →
    What is your experience regarding pricing and costs for Veracode?
    Top Answer:The product’s price is a bit higher compared to other solutions. However, the tool provides good vulnerability and database features. It is worth the money.
    Read all 66 answers   →
    Ranking
    29th
    out of 71 in Static Application Security Testing (SAST)
    Views
    1,106
    Comparisons
    742
    Reviews
    4
    Average Words per Review
    440
    Rating
    7.0
    2nd
    out of 71 in Static Application Security Testing (SAST)
    Views
    24,547
    Comparisons
    16,408
    Reviews
    94
    Average Words per Review
    989
    Rating
    8.1
    Comparisons
    Also Known As
    SOAtest
    Crashtest Security , Veracode Detect
    Learn More
    Parasoft
    Veracode
    Overview

    Parasoft SOAtest delivers fully integrated API and web service testing capabilities that automate end-to-end functional API testing. Streamline automated testing with advanced codeless test creation for applications with multiple interfaces (REST & SOAP APIs, microservices, databases, and more).

    SOAtest reduces the risk of security breaches and performance outages by transforming functional testing artifacts into security and load equivalents. Such reuse, along with continuous monitoring of APIs for change, allows faster and more efficient testing.

    Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-generated remediation engine, the Veracode platform is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment. Thousands of the world’s leading development and security teams use Veracode every second of every day to get accurate, actionable visibility of exploitable risk, achievereal-time vulnerability remediation, and reduce their security debt at scale. Veracode is a multi-award-winning company offering capabilities to secure the entire software development life cycle, including Veracode Fix, Static Analysis, Dynamic Analysis, Software Composition Analysis, Container Security, Application Security Posture Management, and Penetration Testing.

    Learn more atwww.veracode.com, on theVeracode blog, and onLinkedInandTwitter.

    Sample Customers
    Charter Communications, Sabre, Caesars Entertainment, Charles Schwab, ING, Intel, Northbridge Financial, Capital Services, WoodmenLife
    Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.
    Top Industries
    REVIEWERS
    Financial Services Firm43%
    Government14%
    Manufacturing Company7%
    Energy/Utilities Company7%
    VISITORS READING REVIEWS
    Financial Services Firm30%
    Manufacturing Company15%
    Computer Software Company13%
    Government4%
    REVIEWERS
    Computer Software Company26%
    Financial Services Firm23%
    Insurance Company9%
    Comms Service Provider6%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company15%
    Manufacturing Company8%
    Government6%
    Company Size
    REVIEWERS
    Small Business22%
    Midsize Enterprise9%
    Large Enterprise69%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise9%
    Large Enterprise75%
    REVIEWERS
    Small Business31%
    Midsize Enterprise20%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise14%
    Large Enterprise69%
    Buyer's Guide
    Parasoft SOAtest vs. Veracode
    May 2024
    Free Report: Parasoft SOAtest vs. Veracode
    Find out what your peers are saying about Parasoft SOAtest vs. Veracode and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    Parasoft SOAtest is ranked 29th in Static Application Security Testing (SAST) with 30 reviews while Veracode is ranked 2nd in Static Application Security Testing (SAST) with 194 reviews. Parasoft SOAtest is rated 8.2, while Veracode is rated 8.2. The top reviewer of Parasoft SOAtest writes "Good API testing and RIT feature; clarity could be improved". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and Selenium HQ, whereas Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and Fortify Static Code Analyzer. See our Parasoft SOAtest vs. Veracode report.

    See our list of best Static Application Security Testing (SAST) vendors.

    We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.