We performed a comparison between OWASP Zap and Parasoft SOAtest based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The stability of the solution is very good."
"It has improved my organization with faster security tests."
"The HUD is a good feature that provides on-site testing and saves a lot of time."
"The best feature is the Zap HUD (Heads Up Display) because the customers can use the website normally. If we scan websites with automatic scanning, and the website has a web application firewall, it's very difficult."
"Two features are valuable. The first one is that the scan gets completed really quickly, and the second one is that even though it searches in a limited scope, what it does in that limited scope is very good. When you use Zap for testing, you're only using it for specific aspects or you're only looking for certain things. It works very well in that limited scope."
"The product discovers more vulnerabilities compared to other tools."
"We use the solution for security testing."
"The solution is scalable."
"If you want something that’s not provided out of the box, then you can write it yourself and integrate it with SOAtest."
"Technical support is helpful."
"Parasoft SOAtest has improved the quality of our automated web services, which can be easily implemented through service chaining and service virtualization."
"Since the solution has both command line and automation options, it generates good reports."
"Automatic testing is the most valuable feature."
"We have seen a return on investment."
"Good write and read files which save execution inputs and outputs and can be stored locally."
"The solution is scalable."
"The product should allow users to customize the report based on their needs."
"Too many false positives; test reports could be improved."
"Lacks resources where users can internally access a learning module from the tool."
"It would be ideal if I could try some pre-built deployment scenarios so that I don't have to worry about whether the configuration sector team is doing it right or wrong. That would be very helpful."
"The ability to search the internet for other use cases and to use the solution to make applications more secure should be addressed."
"It needs more robust reporting tools."
"There are too many false positives."
"The documentation is lacking and out-of-date, it really needs more love."
"Reporting facilities can be better."
"Parasoft SOAtest has an internal refresh function where you can refresh the software to show the changes you’ve made in your projects. Unfortunately this function does not work properly, because it often does not show the changes after you’ve hit te refresh button a few times."
"The feedback that we received from the DevOps of our organization was that the tool was a little heavy from the transformation perspective."
"The summary reports could be improved."
"The performance could be a bit better."
"From an automation point of view, it should have better clarity and be more user friendly."
"Tuning the tool takes time because it gives quite a long list of warnings."
"UI testing should be more in-depth."
OWASP Zap is ranked 8th in Application Security Testing (AST) with 37 reviews while Parasoft SOAtest is ranked 28th in Application Security Testing (AST) with 30 reviews. OWASP Zap is rated 7.6, while Parasoft SOAtest is rated 8.2. The top reviewer of OWASP Zap writes "Great for automating and testing and has tightened our security ". On the other hand, the top reviewer of Parasoft SOAtest writes "Reliable with a good interface but uses too much memory". OWASP Zap is most compared with SonarQube, Acunetix, PortSwigger Burp Suite Professional, Qualys Web Application Scanning and Veracode, whereas Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and Klocwork. See our OWASP Zap vs. Parasoft SOAtest report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.