We performed a comparison between Fortify on Demand and Parasoft SOAtest based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Micro Focus WebInspect and Fortify code analysis tools are fully integrated with SSC portals and can instantly register to error tracking systems, like TFS and JIRA."
"There is not only one specific feature that we find valuable. The idea is to integrate the solution in DevSecOps which we were able to do."
"The solution is user-friendly."
"One of the top features is the source code review for vulnerabilities. When we look at source code, it's hard to see where areas may be weak in terms of security, and Fortify on Demand's source code review helps with that."
"The solution is user-friendly. One feature I find very effective is the tool's automatic scanning capability. It scans replicas of the code developers write and automatically detects any vulnerabilities. The integration with CI/CD tools is also useful for plugins."
"Its ability to perform different types of scans, keep everything in one place, and track the triage process in Fortify SSC stands out."
"One of the valuable features is the ability to submit your code and have it run in the background. Then, if something comes up that is more specific, you have the security analyst who can jump in and help, if needed."
"The solution saves us a lot of money. We're trying to reduce exposure and costs related to remediation."
"They have a feature where they can record traffic and create tests on the report traffic."
"Automatic testing is the most valuable feature."
"Since the solution has both command line and automation options, it generates good reports."
"The testing time is shortened because we generate test data automatically with SOAtest."
"We can automate our scenarios in a data driven format, which shows there is no rework on scripts. We only need to update the test data and run for a number of scenarios."
"Every imaginable source in the entire world of information technology can be accessed and used."
"Technical support is helpful."
"Parasoft SOAtest has improved the quality of our automated web services, which can be easily implemented through service chaining and service virtualization."
"Micro Focus Fortify on Demand cannot be run from a Linux Agent. When we are coding the endpoint it will not work, we have to use Windows Agent. This is something they could improve."
"Fortify on Demand needs to improve its pricing."
"They could provide features for artificial intelligence similar to other vendors."
"Temenos's (T-24) info basic is a separate programming interface, and such proprietary platforms and programming interfaces were not easily supported by the out-of-the-box versions of Fortify."
"Takes up a lot of resources which can slow things down."
"There's a bit of a learning curve. Our development team is struggling with following the rules and following the new processes."
"We have some stability issues, but they are minimal."
"Primarily for a complex, advanced website, they don't really understand some of the functionalities. So for instance, they could tell us that there is a vulnerability because somebody could possibly do something, but they don't really understand the code to realize that we actually negate that vulnerability through some other mechanism in the program. In addition, the technical support is just not there. We have open tickets. They don't respond. Even if they respond, we're not seeing eye to eye. As the company got sold and bought, the support got worse."
"UI testing should be more in-depth."
"Reporting facilities can be better."
"The product is very slow to start up, and that is a bit of a problem, actually."
"The performance could be a bit better."
"Reports could be customized and more descriptive according to the user's or company's requirements."
"During the process of working with SOAtest and building test cases, the .TST files will grow. A negative side effect is that saving your changes takes more time."
"Compatibility with HTTP 1.1 and TLS 1.2 needs to be improved."
"Tuning the tool takes time because it gives quite a long list of warnings."
Fortify on Demand is ranked 9th in Static Application Security Testing (SAST) with 57 reviews while Parasoft SOAtest is ranked 29th in Static Application Security Testing (SAST) with 30 reviews. Fortify on Demand is rated 8.0, while Parasoft SOAtest is rated 8.2. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Parasoft SOAtest writes "Good API testing and RIT feature; clarity could be improved". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect, whereas Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and Tricentis Tosca. See our Fortify on Demand vs. Parasoft SOAtest report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
