We performed a comparison between Parasoft SOAtest and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Every imaginable source in the entire world of information technology can be accessed and used."
"The solution is scalable."
"The testing time is shortened because we generate test data automatically with SOAtest."
"Parasoft SOAtest has improved the quality of our automated web services, which can be easily implemented through service chaining and service virtualization."
"Good write and read files which save execution inputs and outputs and can be stored locally."
"We do a lot of web services testing and REST services testing. That is the focus of this product."
"Generating new messages, based on the existing .EDN and .XML messages, is a crucial part or the testing project that I’m currently in."
"We have seen a return on investment."
"Enables automation of different tasks such as authorization testing."
"For pentesting scenarios, this is the number one tool. It can capture the request, and there are so many functions that are very good for that. For example, a black box satellite host."
"You can scan any number of applications and it updates its database."
"Once I capture the proxy, I'm able to transfer across. All the requested information is there. I can send across the request to what we call a repeater, where I get to ready the payload that I send to the application. Put in malicious content and then see if it's responding to it."
"The feature that we have found most valuable is that it comes with pre-set configurations. They have a set of predefined options where you can pick one and start scanning. We also have the option of creating our own configurations, like how often do the applications need to be scanned."
"We are mostly using it for scanning the entire website. So, we basically create a script with the entire website and then run it for different injections."
"I have found this solution has more plugins than other competitors which is a benefit. You are able to attach different plugins to the security scan to add features. For example, you can check to see if there are any payment systems that exist on a server, or username and password brute force analysis."
"The reporting part is the most valuable. It also has very good features. We use almost all of the features for different kinds of customers and needs."
"Reporting facilities can be better."
"During the process of working with SOAtest and building test cases, the .TST files will grow. A negative side effect is that saving your changes takes more time."
"From an automation point of view, it should have better clarity and be more user friendly."
"Compatibility with HTTP 1.1 and TLS 1.2 needs to be improved."
"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu."
"The feedback that we received from the DevOps of our organization was that the tool was a little heavy from the transformation perspective."
"Reports could be customized and more descriptive according to the user's or company's requirements."
"The performance could be a bit better."
"The scanner and crawler need to be improved."
"One thing that is not up to the mark in PortSwigger is web application testing. I found some issues with its performance and reporting. They should work on these and give us a better outcome."
"BurpSuite has some issues regarding authentication with OAT tokens that need to be improved."
"The solution lacks sufficient stability."
"The solution doesn't offer very good scalability."
"Scanning APIs using PortSwigger Burp Suite Professional takes a lot of time."
"If we're running a huge number of scans regularly, it slows down the tool."
"Currently, the scanning is only available in the full version of Burp, and not in the Community version."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Parasoft SOAtest is ranked 28th in Application Security Testing (AST) with 30 reviews while PortSwigger Burp Suite Professional is ranked 5th in Application Security Testing (AST) with 55 reviews. Parasoft SOAtest is rated 8.2, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Parasoft SOAtest writes "Reliable with a good interface but uses too much memory". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and Klocwork, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning. See our Parasoft SOAtest vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
