We performed a comparison between Checkmarx One and Parasoft SOAtest based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The main advantage of this solution is its centralized reporting functionality, which lets us track issues, then see and report on the priorities via a web portal."
"The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database."
"The solution has good performance, it is able to compute in 10 to 15 minutes."
"We use the solution to validate the source code and do SAST and security analysis."
"Both automatic and manual code review (CxQL) are valuable."
"The most valuable feature is that it actually identifies the different criteria you can set to meet whatever standards you're trying to get your system accredited for."
"Vulnerability details is valuable."
"The setup is fairly easy. We didn't struggle with the process at all."
"Automatic testing is the most valuable feature."
"Parasoft SOAtest has improved the quality of our automated web services, which can be easily implemented through service chaining and service virtualization."
"We have seen a return on investment."
"Every imaginable source in the entire world of information technology can be accessed and used."
"The testing time is shortened because we generate test data automatically with SOAtest."
"The solution is scalable."
"They have a feature where they can record traffic and create tests on the report traffic."
"Generating new messages, based on the existing .EDN and .XML messages, is a crucial part or the testing project that I’m currently in."
"The reports are good, but they still need to be improved considering what the UI offers."
"Checkmarx could improve the REST APIs by including automation."
"The pricing can get a bit expensive, depending on the company's size."
"The cost per user is high and should be reduced."
"One area for improvement in Checkmarx is pricing, as it's more expensive than other products."
"I would like the product to include more debugging and developed tools. It needs to also add enhancements on the coding side."
"The validation process needs to be sped up."
"The integration could improve by including, for example, DevSecOps."
"Reporting facilities can be better."
"From an automation point of view, it should have better clarity and be more user friendly."
"Reports could be customized and more descriptive according to the user's or company's requirements."
"The product is very slow to start up, and that is a bit of a problem, actually."
"The performance could be a bit better."
"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu."
"The summary reports could be improved."
"Tuning the tool takes time because it gives quite a long list of warnings."
Checkmarx One is ranked 3rd in Static Application Security Testing (SAST) with 67 reviews while Parasoft SOAtest is ranked 29th in Static Application Security Testing (SAST) with 30 reviews. Checkmarx One is rated 7.6, while Parasoft SOAtest is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Parasoft SOAtest writes "Good API testing and RIT feature; clarity could be improved". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and ReadyAPI. See our Checkmarx One vs. Parasoft SOAtest report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.