We performed a comparison between Checkmarx One and Parasoft SOAtest based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."
"The setup is fairly easy. We didn't struggle with the process at all."
"The product's most valuable feature is static code and supply chain effect analysis. It provides a lot of visibility."
"From my point of view, it is the best product on the market."
"We use the solution for dynamic application testing."
"It is a stable product."
"Our static operation security has been able to identify more security issues since implementing this solution."
"I like that you don't have to compile the code in order to execute static code analysis. So, it's very handy."
"Technical support is helpful."
"The testing time is shortened because we generate test data automatically with SOAtest."
"We can automate our scenarios in a data driven format, which shows there is no rework on scripts. We only need to update the test data and run for a number of scenarios."
"We do a lot of web services testing and REST services testing. That is the focus of this product."
"Every imaginable source in the entire world of information technology can be accessed and used."
"The solution is scalable."
"Parasoft SOAtest has improved the quality of our automated web services, which can be easily implemented through service chaining and service virtualization."
"We have seen a return on investment."
"We want to have a holistic view of the portfolio-level dashboard and not just an individual technical project level."
"It provides us with quite a handful of false positive issues. If Checkmarx could reduce this number, it would be a great tool to use."
"C, C++, VB and T-SQL are not supported by this product. Although, C and C++ were advertised as being supported."
"With Checkmarx, normally you need to use one tool for quality and you need to use another tool for security. I understand that Checkmarx is not in the parity space because it's totally different, but they could include some free features or recommendations too."
"Its pricing model can be improved. Sometimes, it is a little complex to understand its pricing model."
"When we first ran it on a big project, there wasn't enough memory on the computer. It originally ran with eight gigabytes, and now it runs with 32. The software stopped at some point, and while I don't think it said it ran out of memory, it just said "stopped" and something else. We had to go to the logs and send them to the integrator, and eventually, they found a memory issue in the logs and recommended increasing the memory. We doubled it once, and it didn't seem enough. We doubled it again, and it helped."
"The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode."
"The cost per user is high and should be reduced."
"Parasoft SOAtest has an internal refresh function where you can refresh the software to show the changes you’ve made in your projects. Unfortunately this function does not work properly, because it often does not show the changes after you’ve hit te refresh button a few times."
"Tuning the tool takes time because it gives quite a long list of warnings."
"The product is very slow to start up, and that is a bit of a problem, actually."
"Reporting facilities can be better."
"Reports could be customized and more descriptive according to the user's or company's requirements."
"During the process of working with SOAtest and building test cases, the .TST files will grow. A negative side effect is that saving your changes takes more time."
"From an automation point of view, it should have better clarity and be more user friendly."
"The feedback that we received from the DevOps of our organization was that the tool was a little heavy from the transformation perspective."
Checkmarx One is ranked 3rd in Static Application Security Testing (SAST) with 67 reviews while Parasoft SOAtest is ranked 28th in Static Application Security Testing (SAST) with 30 reviews. Checkmarx One is rated 7.6, while Parasoft SOAtest is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Parasoft SOAtest writes "Good API testing and RIT feature; clarity could be improved". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and ReadyAPI. See our Checkmarx One vs. Parasoft SOAtest report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.