We performed a comparison between Checkmarx One and Parasoft SOAtest based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The report function is the solution's greatest asset."
"The most valuable feature for me is the Jenkins Plugin."
"The most valuable features of Checkmarx are the Best Fix Location and the Payments option because you can save a lot of time trying to mitigate the configuration. Using these tools can save you a lot of time."
"The main advantage of this solution is its centralized reporting functionality, which lets us track issues, then see and report on the priorities via a web portal."
"The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled."
"Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%."
"The reports are very good because they include details on the code level, and make suggestions about how to fix the problems."
"I like that you don't have to compile the code in order to execute static code analysis. So, it's very handy."
"Since the solution has both command line and automation options, it generates good reports."
"Automatic testing is the most valuable feature."
"Generating new messages, based on the existing .EDN and .XML messages, is a crucial part or the testing project that I’m currently in."
"We can automate our scenarios in a data driven format, which shows there is no rework on scripts. We only need to update the test data and run for a number of scenarios."
"Every imaginable source in the entire world of information technology can be accessed and used."
"The solution is scalable."
"They have a feature where they can record traffic and create tests on the report traffic."
"We do a lot of web services testing and REST services testing. That is the focus of this product."
"The cost per user is high and should be reduced."
"Integration into the SDLC (i.e. support for last version of SonarQube) could be added."
"We have received some feedback from our customers who are receiving a large number of false positives."
"The tool is currently quite static in terms of finding security vulnerabilities. It would be great if it was more dynamic and we had even more tools at our disposal to keep us safe. It would help if there was more scanning or if the process was more automated."
"I expect application security vendors to cover all aspects of application security, including SAST, DAST, and even mobile application security testing. And it would be much better if they provided an on-premises and cloud option for all these main application security features."
"The validation process needs to be sped up."
"Licensing models and Swift language support are the aspects in which this product needs to improve. Swift is a new language, in which major customers require support for lower prices."
"Checkmarx reports many false positives that we need to manually segregate and mark “Not exploitable”."
"Reports could be customized and more descriptive according to the user's or company's requirements."
"From an automation point of view, it should have better clarity and be more user friendly."
"Reporting facilities can be better."
"Compatibility with HTTP 1.1 and TLS 1.2 needs to be improved."
"The product is very slow to start up, and that is a bit of a problem, actually."
"The performance could be a bit better."
"The summary reports could be improved."
"Tuning the tool takes time because it gives quite a long list of warnings."
Checkmarx One is ranked 3rd in Application Security Testing (AST) with 67 reviews while Parasoft SOAtest is ranked 28th in Application Security Testing (AST) with 30 reviews. Checkmarx One is rated 7.6, while Parasoft SOAtest is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Parasoft SOAtest writes "Reliable with a good interface but uses too much memory". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and Klocwork. See our Checkmarx One vs. Parasoft SOAtest report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.