We performed a comparison between Parasoft SOAtest and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Automatic testing is the most valuable feature."
"We do a lot of web services testing and REST services testing. That is the focus of this product."
"The solution is scalable."
"Parasoft SOAtest has improved the quality of our automated web services, which can be easily implemented through service chaining and service virtualization."
"Since the solution has both command line and automation options, it generates good reports."
"Generating new messages, based on the existing .EDN and .XML messages, is a crucial part or the testing project that I’m currently in."
"We can automate our scenarios in a data driven format, which shows there is no rework on scripts. We only need to update the test data and run for a number of scenarios."
"If you want something that’s not provided out of the box, then you can write it yourself and integrate it with SOAtest."
"It works with many different products."
"Its most valuable features are patch management, vulnerability management, and PCI compliance."
"The most valuable feature of Qualys Web Application Scanning is the effective scanning that can be done."
"The feature that I have found most valuable is the progressive scan. It is good. It's done in 24 hours."
"I have found the detection of vulnerabilities tool thorough with good results and the graphical display output to be wonderful and full of colors. It allows many types of outputs, such as bar and chart previews."
"It is a very stable solution."
"You can integrate your Burp Suite results and create an integrated report. Also, the way it shows the results - threats and exploit details - makes remediation very easy."
"The most valuable feature is that we are able to scan the services and put credentials like a user ID password. We can verify the vulnerability level."
"UI testing should be more in-depth."
"The feedback that we received from the DevOps of our organization was that the tool was a little heavy from the transformation perspective."
"The product is very slow to start up, and that is a bit of a problem, actually."
"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu."
"Compatibility with HTTP 1.1 and TLS 1.2 needs to be improved."
"From an automation point of view, it should have better clarity and be more user friendly."
"Tuning the tool takes time because it gives quite a long list of warnings."
"During the process of working with SOAtest and building test cases, the .TST files will grow. A negative side effect is that saving your changes takes more time."
"The UI is not user-friendly and you don't have a yearly reporting facility where you can slice and dice in different jobs."
"The virus code updates are not frequent enough."
"The GUI could be a little less complicated as it opens a lot of new windows for creating search lists, templates, reports, or for scanning purposes."
"The product's pricing could be better."
"In terms of the Policy Compliance model which they currently have, not all the platforms are being covered. If they could improve on the Policy Compliance model, since there are policies which are benchmarked against it, this will be helpful for us."
"There could be better management and faster scanning."
"Sometimes the response time is low because the handshake fails, and then you have to re-login and start again."
"There's a distinction between internal and external scanning processes that could be streamlined. Currently, for internal scanning, specific configurations and scanner appliances need to be deployed within the network, which differs from the simpler setup for external scans. This dual process complicates the setup for comprehensive scanning coverage."
More Qualys Web Application Scanning Pricing and Cost Advice →
Parasoft SOAtest is ranked 28th in Application Security Testing (AST) with 30 reviews while Qualys Web Application Scanning is ranked 14th in Application Security Testing (AST) with 31 reviews. Parasoft SOAtest is rated 8.2, while Qualys Web Application Scanning is rated 7.8. The top reviewer of Parasoft SOAtest writes "Reliable with a good interface but uses too much memory". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and Klocwork, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Fortify WebInspect. See our Parasoft SOAtest vs. Qualys Web Application Scanning report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.