We performed a comparison between Checkmarx One and Parasoft SOAtest based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We use the solution for dynamic application testing."
"We were using HPE Security Fortify to scan code for security vulnerabilities, but it can scan only after a successful compile. If the code has dependencies or build errors, the scan fails. With Checkmarx, pre-compile scanning is seamless. This allows us to scan more code."
"The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is complete."
"Checkmarx pinpoints the vulnerability in the code and also presents the flow of malicious input across the application."
"The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database."
"The most valuable feature for me is the Jenkins Plugin."
"The administration in Checkmarx is very good."
"What I like best about Checkmarx is that it has fewer false positives than other products, giving you better results."
"The solution is scalable."
"Since the solution has both command line and automation options, it generates good reports."
"Good write and read files which save execution inputs and outputs and can be stored locally."
"The testing time is shortened because we generate test data automatically with SOAtest."
"Every imaginable source in the entire world of information technology can be accessed and used."
"Technical support is helpful."
"Automatic testing is the most valuable feature."
"Parasoft SOAtest has improved the quality of our automated web services, which can be easily implemented through service chaining and service virtualization."
"Checkmarx being Windows only is a hindrance. Another problem is: why can't I choose PostgreSQL?"
"The pricing can get a bit expensive, depending on the company's size."
"They could work to improve the user interface. Right now, it really is lacking."
"Checkmarx could be improved with more integration with third-party software."
"It would be really helpful if the level of confidence was included, with respect to identified issues."
"The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode."
"The tool is currently quite static in terms of finding security vulnerabilities. It would be great if it was more dynamic and we had even more tools at our disposal to keep us safe. It would help if there was more scanning or if the process was more automated."
"When we first ran it on a big project, there wasn't enough memory on the computer. It originally ran with eight gigabytes, and now it runs with 32. The software stopped at some point, and while I don't think it said it ran out of memory, it just said "stopped" and something else. We had to go to the logs and send them to the integrator, and eventually, they found a memory issue in the logs and recommended increasing the memory. We doubled it once, and it didn't seem enough. We doubled it again, and it helped."
"Reporting facilities can be better."
"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu."
"Tuning the tool takes time because it gives quite a long list of warnings."
"From an automation point of view, it should have better clarity and be more user friendly."
"UI testing should be more in-depth."
"The performance could be a bit better."
"The product is very slow to start up, and that is a bit of a problem, actually."
"Reports could be customized and more descriptive according to the user's or company's requirements."
Checkmarx One is ranked 3rd in Application Security Testing (AST) with 67 reviews while Parasoft SOAtest is ranked 28th in Application Security Testing (AST) with 30 reviews. Checkmarx One is rated 7.6, while Parasoft SOAtest is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Parasoft SOAtest writes "Reliable with a good interface but uses too much memory". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and Klocwork. See our Checkmarx One vs. Parasoft SOAtest report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.