We performed a comparison between Checkmarx One and Parasoft SOAtest based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The administration in Checkmarx is very good."
"The solution allows us to create custom rules for code checks."
"Apart from software scanning, software composition scanning is valuable."
"We were using HPE Security Fortify to scan code for security vulnerabilities, but it can scan only after a successful compile. If the code has dependencies or build errors, the scan fails. With Checkmarx, pre-compile scanning is seamless. This allows us to scan more code."
"The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important."
"What I like best about Checkmarx is that it has fewer false positives than other products, giving you better results."
"Helps us check vulnerabilities in our SAP Fiori application."
"The main thing we find valuable about Checkmarx is the ease of use. It's easy to initiate scans and triage defects."
"Since the solution has both command line and automation options, it generates good reports."
"They have a feature where they can record traffic and create tests on the report traffic."
"Generating new messages, based on the existing .EDN and .XML messages, is a crucial part or the testing project that I’m currently in."
"We have seen a return on investment."
"If you want something that’s not provided out of the box, then you can write it yourself and integrate it with SOAtest."
"The solution is scalable."
"Parasoft SOAtest has improved the quality of our automated web services, which can be easily implemented through service chaining and service virtualization."
"We do a lot of web services testing and REST services testing. That is the focus of this product."
"We can run only one project at a time."
"The reports are good, but they still need to be improved considering what the UI offers."
"Checkmarx could improve by reducing the price."
"With Checkmarx, normally you need to use one tool for quality and you need to use another tool for security. I understand that Checkmarx is not in the parity space because it's totally different, but they could include some free features or recommendations too."
"The validation process needs to be sped up."
"I expect application security vendors to cover all aspects of application security, including SAST, DAST, and even mobile application security testing. And it would be much better if they provided an on-premises and cloud option for all these main application security features."
"The interactive application security testing, or IAST, the interactive part where you're looking at an application that lives in a runtime environment on a server or virtual machine, needs improvement."
"If it is a very large code base then we have a problem where we cannot scan it."
"Tuning the tool takes time because it gives quite a long list of warnings."
"Parasoft SOAtest has an internal refresh function where you can refresh the software to show the changes you’ve made in your projects. Unfortunately this function does not work properly, because it often does not show the changes after you’ve hit te refresh button a few times."
"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu."
"UI testing should be more in-depth."
"From an automation point of view, it should have better clarity and be more user friendly."
"Compatibility with HTTP 1.1 and TLS 1.2 needs to be improved."
"Reports could be customized and more descriptive according to the user's or company's requirements."
"The performance could be a bit better."
Checkmarx One is ranked 3rd in Application Security Testing (AST) with 67 reviews while Parasoft SOAtest is ranked 28th in Application Security Testing (AST) with 30 reviews. Checkmarx One is rated 7.6, while Parasoft SOAtest is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Parasoft SOAtest writes "Reliable with a good interface but uses too much memory". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and Klocwork. See our Checkmarx One vs. Parasoft SOAtest report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.