We performed a comparison between GitLab and Parasoft SOAtest based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."CI/CD and GitLab scanning are the most valuable features."
"Everything is easy to configure and easy to work with."
"The dashboard and interface make it easy to use."
"I like that it's easy to deploy our services over GitLab. The customer support is also good with a really active community. You have a lot of support that you can get online with your stack. That is probably one of the benefits of using GitLab. It's also really fast."
"We use the Git repository and tagging feature. We are a product-based company and use this solution to move to a forward or backward tag."
"The tool helps to integrate CI/CD pipeline deployments. It is very easy to learn. Its security model is good."
"The user interface is really good so that helps with huge teams who need to collaborate."
"We like that we can create branches and then the branches can be reviewed and you can mesh those branches back. You can independently work with your own branch, you don't need to really control the core of other people."
"Since the solution has both command line and automation options, it generates good reports."
"Good write and read files which save execution inputs and outputs and can be stored locally."
"Parasoft SOAtest has improved the quality of our automated web services, which can be easily implemented through service chaining and service virtualization."
"The testing time is shortened because we generate test data automatically with SOAtest."
"If you want something that’s not provided out of the box, then you can write it yourself and integrate it with SOAtest."
"They have a feature where they can record traffic and create tests on the report traffic."
"Automatic testing is the most valuable feature."
"Technical support is helpful."
"In the free version, when a merge request is raised, there is no way to enforce certain rules. We can't enforce that this merge request must be reviewed or approved by two or three people in the team before it is pushed to the master branch. That's why we are exploring using some agents."
"We have only seen a couple of issues on Gitlab, which we use for building some of the applications."
"Atlassian offers more products than GitLab. GitLab offers source control management, version control and collaboration between developers. Atlassian offers features on top of this as well as more integration points for developers."
"The integration could be slightly better."
"It's more related to the supporting layer of features, such as issue management and issue tracking. We tend to always use, for example, Jira next to it. That doesn't mean that GitLab should build something similar to Jira because that will always have its place, but they could grow a bit in those kinds of supporting features. I see some, for example, covering ITSM on a DevOps team level, and that's one of the things that I and my current client would find really helpful. It's understandably not going to be their main focus and their core, and whenever you are with a company that needs a bit more advanced features on that specific topic, you're probably still going to integrate with another tool like Jira Service Management, for example. However, some basic features on things like that could be really helpful."
"It would be better if there weren't any outages. There are occasions where we usually see a lot of outages using GitLab. It happens at least once a week or something like that. Whatever pipelines you're running, to check the logs, you need to have a different set of tools like Argus or something like that. If you have pipelines running on GitLab, you need a separate service deployed to view the logs, which is kind of a pain. If the logs can be used conveniently on GitLab, that would be definitely helpful. I'm not talking about the CI/CD pipelines but the back-end services and microservices deployed over GitLab. To view the logs for those microservices, you need to have separate log viewers, which is kind of a pain."
"This solution could be improved by adding modifications such as slack notifications."
"We do face issues in our company when we run out of disk space."
"During the process of working with SOAtest and building test cases, the .TST files will grow. A negative side effect is that saving your changes takes more time."
"Parasoft SOAtest has an internal refresh function where you can refresh the software to show the changes you’ve made in your projects. Unfortunately this function does not work properly, because it often does not show the changes after you’ve hit te refresh button a few times."
"The performance could be a bit better."
"Tuning the tool takes time because it gives quite a long list of warnings."
"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu."
"The product is very slow to start up, and that is a bit of a problem, actually."
"From an automation point of view, it should have better clarity and be more user friendly."
"Compatibility with HTTP 1.1 and TLS 1.2 needs to be improved."
GitLab is ranked 7th in Application Security Testing (AST) with 70 reviews while Parasoft SOAtest is ranked 28th in Application Security Testing (AST) with 30 reviews. GitLab is rated 8.6, while Parasoft SOAtest is rated 8.2. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of Parasoft SOAtest writes "Reliable with a good interface but uses too much memory". GitLab is most compared with Microsoft Azure DevOps, Bamboo, AWS CodePipeline, SonarQube and Tekton, whereas Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Klocwork and Polyspace Code Prover. See our GitLab vs. Parasoft SOAtest report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
