We performed a comparison between HCL AppScan and Parasoft SOAtest based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We are now deploying less defects to production."
"The solution is easy to use."
"The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good, and that is why we are sticking with the HCL."
"This is a stable solution."
"The static scans are good, and the SaaS as well."
"I like the recording feature."
"This solution saves us time due to the low number of false positives detected."
"We use it as a security testing application."
"We have seen a return on investment."
"If you want something that’s not provided out of the box, then you can write it yourself and integrate it with SOAtest."
"We do a lot of web services testing and REST services testing. That is the focus of this product."
"Every imaginable source in the entire world of information technology can be accessed and used."
"They have a feature where they can record traffic and create tests on the report traffic."
"Generating new messages, based on the existing .EDN and .XML messages, is a crucial part or the testing project that I’m currently in."
"The testing time is shortened because we generate test data automatically with SOAtest."
"Technical support is helpful."
"The dashboard, for AppScan or the Fortified fast tool, which we use needs to be improved."
"One thing which I think can be improved is the CI/CD Integration"
"They could add a software component analysis tool."
"We have experienced challenges when trying to integrate this solution with other products. When you compare it with the other SecOps products, the quality of the output is too low. It is not a new-age product. It is very outdated."
"The penetration testing feature should be included."
"We would like to see a check in the specific vulnerabilities in mobile applications or rooted devices, such as jailbreaking devices."
"They have to improve support."
"IBM Security AppScan needs to add performance optimization for quickly scanning the target web applications."
"Reports could be customized and more descriptive according to the user's or company's requirements."
"UI testing should be more in-depth."
"During the process of working with SOAtest and building test cases, the .TST files will grow. A negative side effect is that saving your changes takes more time."
"The feedback that we received from the DevOps of our organization was that the tool was a little heavy from the transformation perspective."
"The product is very slow to start up, and that is a bit of a problem, actually."
"Compatibility with HTTP 1.1 and TLS 1.2 needs to be improved."
"Parasoft SOAtest has an internal refresh function where you can refresh the software to show the changes you’ve made in your projects. Unfortunately this function does not work properly, because it often does not show the changes after you’ve hit te refresh button a few times."
"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu."
HCL AppScan is ranked 12th in Application Security Testing (AST) with 39 reviews while Parasoft SOAtest is ranked 28th in Application Security Testing (AST) with 30 reviews. HCL AppScan is rated 7.6, while Parasoft SOAtest is rated 8.2. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of Parasoft SOAtest writes "Reliable with a good interface but uses too much memory". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, OWASP Zap and PortSwigger Burp Suite Professional, whereas Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and Tricentis Tosca. See our HCL AppScan vs. Parasoft SOAtest report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.