We performed a comparison between GitGuardian Platform and Parasoft SOAtest based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Some of our teams have hundreds of repositories, so filtering by team saves a lot of time and effort."
"GitGuardian has also helped us develop a security-minded culture. We're serious about shift left and getting better about code security. I think a lot of people are getting more mindful about what a secret is."
"It's also worth mentioning that GitGuardian is unique because they have a free tier that we've been using for the first twelve months. It provides full functionality for smaller teams. We're a smaller company and have never changed in size, but we got to the point where we felt the service brought us value, and we want to pay for it. We also wanted an SLA for technical support and whatnot, so we switched to a paid plan. Without that, they had a super-generous, free tier, and I was immensely impressed with it."
"It actually creates an incident ticket for us. We can now go end-to-end after a secret has been identified, to track down who owns the repository and who is responsible for cleaning it up."
"The secrets detection and alerting is the most important feature. We get alerted almost immediately after someone commits a secret. It has been very accurate, allowing us to jump on it right away, then figure out if we have something substantial that has been leaked or whether it is something that we don't have to worry about. This general main feature of the app is great."
"It enables us to identify leaks that happened in the past and remediate current leaks as they happen in near real-time. When I say "near real-time," I mean within minutes. These are industry-leading remediation timelines for credential leaks. Previously, it might have taken companies years to get credentials detected or remediated. We can do it in minutes."
"Presently, we find the pre-commit hooks more useful."
"The breadth of the solution detection capabilities is pretty good. They have good categories and a lot of different types of secrets... it gives us a great range when it comes to types of secrets, and that's good for us."
"They have a feature where they can record traffic and create tests on the report traffic."
"The testing time is shortened because we generate test data automatically with SOAtest."
"Parasoft SOAtest has improved the quality of our automated web services, which can be easily implemented through service chaining and service virtualization."
"We have seen a return on investment."
"Generating new messages, based on the existing .EDN and .XML messages, is a crucial part or the testing project that I’m currently in."
"Good write and read files which save execution inputs and outputs and can be stored locally."
"We can automate our scenarios in a data driven format, which shows there is no rework on scripts. We only need to update the test data and run for a number of scenarios."
"Automatic testing is the most valuable feature."
"It could be easier. They have a CLI tool that engineers can run on their laptops, but getting engineers to install the tool is a manual process. I would like to see them have it integrated into one of those developer tools, e.g., VS Code or JetBrains, so developers don't have to think about it."
"It would be nice if they supported detecting PII or had some kind of data loss prevention feature."
"There are some features that are lacking in GitGuardian. The more we grow and the more engineers we have, the more it will become difficult to assign an incident because the assignment is not automatic. I know they are working on that and we are waiting for it."
"It took us a while to get new patterns introduced into the pattern reporting process."
"We have encountered occasional difficulties with the Single Sign-On process."
"The main thing for me is the customization for some of the healthcare-specific identifiers that we want to validate. There should be some ability, which is coming in the near future, to have custom identifiers. Being in healthcare, we have pretty specific patterns that we need to match for PHI or PII. Having that would add a little bit extra to it."
"Other solutions have a live chat feature that provides instant results. Waiting for an agent to reply to an email is less ideal than an instant conversation with a support employee. That's a complaint so minor I almost hesitate to mention it."
"There is room for improvement in its integration for bug-tracking. It should be more direct. They have invested a lot in user management, but they need to invest in integrations. That is a real lack."
"Compatibility with HTTP 1.1 and TLS 1.2 needs to be improved."
"The summary reports could be improved."
"From an automation point of view, it should have better clarity and be more user friendly."
"Reports could be customized and more descriptive according to the user's or company's requirements."
"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu."
"Parasoft SOAtest has an internal refresh function where you can refresh the software to show the changes you’ve made in your projects. Unfortunately this function does not work properly, because it often does not show the changes after you’ve hit te refresh button a few times."
"The feedback that we received from the DevOps of our organization was that the tool was a little heavy from the transformation perspective."
"The performance could be a bit better."
GitGuardian Platform is ranked 6th in Application Security Testing (AST) with 21 reviews while Parasoft SOAtest is ranked 28th in Application Security Testing (AST) with 30 reviews. GitGuardian Platform is rated 9.0, while Parasoft SOAtest is rated 8.2. The top reviewer of GitGuardian Platform writes "It dramatically improved our ability to detect secrets, saved us time, and reduced our mean time to remediation". On the other hand, the top reviewer of Parasoft SOAtest writes "Reliable with a good interface but uses too much memory". GitGuardian Platform is most compared with SonarQube, Cycode, GitHub Advanced Security, Snyk and Microsoft Purview Data Loss Prevention, whereas Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and Klocwork. See our GitGuardian Platform vs. Parasoft SOAtest report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
