We performed a comparison between Parasoft SOAtest and Veracode based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."They have a feature where they can record traffic and create tests on the report traffic."
"The testing time is shortened because we generate test data automatically with SOAtest."
"The solution is scalable."
"Parasoft SOAtest has improved the quality of our automated web services, which can be easily implemented through service chaining and service virtualization."
"We have seen a return on investment."
"If you want something that’s not provided out of the box, then you can write it yourself and integrate it with SOAtest."
"We can automate our scenarios in a data driven format, which shows there is no rework on scripts. We only need to update the test data and run for a number of scenarios."
"Every imaginable source in the entire world of information technology can be accessed and used."
"The dependency graph visualization provides the ability to see nested dependencies within libraries for pinpointing vulnerabilities."
"I like the static scanning, and Veracode's interface is excellent. The dashboard is easy to navigate."
"It's hard to say that any single feature is the most essential. There are many errors and vulnerabilities in software today in the standard libraries for different vendors because. We don't need to reinvent the wheel every time because we're using standard libraries, and it's important to know that your security isn't compromised because you are using libraries with vulnerabilities."
"The Veracode technical support is very good. They are responsive and very knowledgeable."
"The most valuable feature is the dynamic application security testing."
"Veracode has a nice API that they provide to allow for custom things to be built, or automation. We actually have integrated Veracode into our software development cycle using their API. We actually are able to automatically, every time a new build of a software is completed, submit that application, kick off a scan, and we get results in a much more automated fashion."
"The coverage of the last vulnerabilities reported."
"It changes the DevSecOps process because we find flaws much earlier in the development life cycle, and we also spot third-party software that we don't allow on developers' machines."
"Reporting facilities can be better."
"Reports could be customized and more descriptive according to the user's or company's requirements."
"The product is very slow to start up, and that is a bit of a problem, actually."
"The performance could be a bit better."
"Tuning the tool takes time because it gives quite a long list of warnings."
"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu."
"UI testing should be more in-depth."
"The summary reports could be improved."
"We use Ruby on Rails and we still don't have any support for that from Veracode."
"The ideal situation in terms of putting the results in front of the developers would be with Veracode integration into the developer environment (IDE). They do have a plugin, which we've used in the past, but we were not as positive about it."
"Sometimes, the scans halt or drop for some reason, and we need to get help from Veracode to fix it."
"Veracode can be improved in terms of software composition analysis and related vulnerabilities."
"A high number of false positives are reported and this should be reduced."
"The triage indicator was kind of hard to find. It's a very small arrow and I had no idea it was there."
"The area with the most room for improvement is the speed and responsiveness of the query, as it is usually very slow."
"The technical support service has room for improvement."
Parasoft SOAtest is ranked 28th in Static Application Security Testing (SAST) with 30 reviews while Veracode is ranked 2nd in Static Application Security Testing (SAST) with 194 reviews. Parasoft SOAtest is rated 8.2, while Veracode is rated 8.2. The top reviewer of Parasoft SOAtest writes "Good API testing and RIT feature; clarity could be improved". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and Selenium HQ, whereas Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and Fortify Static Code Analyzer. See our Parasoft SOAtest vs. Veracode report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.