We performed a comparison between Mend.io and Parasoft SOAtest based on real PeerSpot user reviews.
Find out what your peers are saying about Synopsys, Snyk, Veracode and others in Software Composition Analysis (SCA)."We set the solution up and enabled it and we had everything running pretty quickly."
"Its ease of use and good results are the most valuable."
"The reporting capability gives us the option to generate an open-source license report in a single click, which gets all copyright and license information, including dependencies."
"The most valuable feature is the unified JAR to scan for all langs (wss-scanner jar)."
"WhiteSource helped reduce our mean time to resolution since the adoption of the product."
"The most valuable features are the reporting, customizing libraries "In-house, White list, license selection", comparing the products/projects, and License & Copyright resolution."
"Attribution and license due diligence reports help us with aggregating the necessary data that we, in turn, have to provide to satisfy the various licenses copyright and component usage disclosures in our software."
"Enables scanning/collecting third-party libraries and classifying license types. In this way we ensure our third-party software policy is followed."
"Automatic testing is the most valuable feature."
"If you want something that’s not provided out of the box, then you can write it yourself and integrate it with SOAtest."
"Since the solution has both command line and automation options, it generates good reports."
"Generating new messages, based on the existing .EDN and .XML messages, is a crucial part or the testing project that I’m currently in."
"We have seen a return on investment."
"Every imaginable source in the entire world of information technology can be accessed and used."
"Good write and read files which save execution inputs and outputs and can be stored locally."
"The testing time is shortened because we generate test data automatically with SOAtest."
"At times, the latency of getting items out of the findings after they're remediated is higher than it should be."
"It should support multiple SBOM formats to be able to integrate with old industry standards."
"On the reporting side, they could make some improvements. They are making the reports better and better, but sometimes it takes a lot of time to generate a report for our entire organization."
"It would be good if it can do dynamic code analysis. It is not necessarily in that space, but it can do more because we have too many tools. Their partner relationship support is a little bit confusing. They haven't really streamlined the support process when we buy through a reseller. They should improve their process."
"The initial setup could be simplified."
"Mend supports most of the common package managers, but it doesn't support some that we use. I would appreciate it if they can quickly make these changes to add new package managers when necessary."
"The UI is not that friendly and you need to learn how to navigate easily."
"WhiteSource only produces a report, which is nice to look at. However, you have to check that report every week, to see if something was found that you don't want. It would be great if the build that's generating a report would fail if it finds a very important vulnerability, for instance."
"The performance could be a bit better."
"During the process of working with SOAtest and building test cases, the .TST files will grow. A negative side effect is that saving your changes takes more time."
"The feedback that we received from the DevOps of our organization was that the tool was a little heavy from the transformation perspective."
"UI testing should be more in-depth."
"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu."
"The product is very slow to start up, and that is a bit of a problem, actually."
"Tuning the tool takes time because it gives quite a long list of warnings."
"Compatibility with HTTP 1.1 and TLS 1.2 needs to be improved."
Mend.io is ranked 4th in Software Composition Analysis (SCA) with 29 reviews while Parasoft SOAtest is ranked 24th in Functional Testing Tools with 30 reviews. Mend.io is rated 8.4, while Parasoft SOAtest is rated 8.2. The top reviewer of Mend.io writes "Easy to use, great for finding vulnerabilities, and simple to set up". On the other hand, the top reviewer of Parasoft SOAtest writes "Reliable with a good interface but uses too much memory". Mend.io is most compared with SonarQube, Black Duck, Snyk, Veracode and Checkmarx One, whereas Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and Klocwork.
We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.