Parasoft SOAtest vs Veracode comparison

Cancel
You must select at least 2 products to compare!
Parasoft Logo
1,170 views|807 comparisons
Veracode Logo
27,089 views|18,097 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Parasoft SOAtest and Veracode based on real PeerSpot user reviews.

Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Parasoft SOAtest vs. Veracode Report (Updated: March 2024).
765,234 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The testing time is shortened because we generate test data automatically with SOAtest.""They have a feature where they can record traffic and create tests on the report traffic.""If you want something that’s not provided out of the box, then you can write it yourself and integrate it with SOAtest.""We have seen a return on investment.""Every imaginable source in the entire world of information technology can be accessed and used.""Parasoft SOAtest has improved the quality of our automated web services, which can be easily implemented through service chaining and service virtualization.""The solution is scalable.""We do a lot of web services testing and REST services testing. That is the focus of this product."

More Parasoft SOAtest Pros →

"It is SaaS hosted. That makes it very convenient to use. There is no initial time needed to set up an application. Scanning is a matter of minutes. You just log in, create an application profile, associate a security configuration, and that's about it. It takes 10 minutes to start. The lack of initial lead time or initial overhead to get going is the primary advantage.""We have found the static analysis to be useful in Veracode Static Analysis. However, we are in the process of testing.""All the features provided by Veracode are valuable, including static scan, dynamic scan, and MPT (Manual Penetration Testing).""The dynamic scanning tool is what I like the best. Compared to other tools that I've used for dynamic scanning, it's much faster and easier to use.""There is a single area on the dashboard where you can get a full view of all of the tests and the results from everything. There is a nice, very simple graphic that shows you the types of vulnerabilities that were found, their severity, the scoring, and in what part of the code they were found. All the details are together in one place.""The deployment mode is very useful.""The most valuable feature is the remediation consulting that they give. I feel like any vendor can identify the flaws but fixing the flaws is what is most important. Being able to have those consultation calls, schedule them in the platform, and have that discussion with an applications expert, that process scales well and that is what has allowed a lot more reduction of risk to happen.""Being able to scan our applications and identify all codes and defects is an extremely valuable feature."

More Veracode Pros →

Cons
"Compatibility with HTTP 1.1 and TLS 1.2 needs to be improved.""UI testing should be more in-depth.""From an automation point of view, it should have better clarity and be more user friendly.""Tuning the tool takes time because it gives quite a long list of warnings.""The product is very slow to start up, and that is a bit of a problem, actually.""Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu.""During the process of working with SOAtest and building test cases, the .TST files will grow. A negative side effect is that saving your changes takes more time.""The summary reports could be improved."

More Parasoft SOAtest Cons →

"Another problem we have is that, while it is integrated with single sign-on—we are using Okta—the user interface is not great. That's especially true for a permanent link of a report of a page. If you access it, it goes to the normal login page that has nothing that says "Log in with single sign-on," unlike other software as a service that we use. It's quite bothersome because it means that we have to go to the Okta dashboard, find the Veracode link, and log in through it. Only at that point can we go to the permanent link of the page we wanted to access.""The GUI requires significant simplification, as its current complexity creates a steep learning curve for new users.""The scanning on the UI portion of our applications is straightforward, but folks were having challenges with scans that involved microservices. They had to rope in an expert to have it sorted.""I haven't heard about any problems so far. However, it would be great if Veracode automatically packaged stuff up for you.""In the last month or so, I had a problem with the APIs when doing some implementations. The Veracode support team could be more specific and give me more examples. They shouldn't just copy the URL for a doc and send it to me.""Some important languages are not supported.""I would like to see these features: entering comments for internal tracking; entering a priority; reports that show the above.""A high number of false positives are reported and this should be reduced."

More Veracode Cons →

Pricing and Cost Advice
  • "From what I understand, Parasoft SOAtest isn't the cheapest option. But it has a lot to offer."
  • "The cost of Parasoft seems to have gotten higher with a projection that wasn't really stipulated for our company. They've done a tremendous job at negotiating those deals."
  • "I think it would be a great step to decrease the price of the licenses."
  • "It is an expensive product, so think carefully about whether it fits your purposes and is the right tool for you."
  • "We are completed satisfied with Parasoft SOAtest. The ROI is more than 95%."
  • "The license price is a little expensive, but it provides a better outcome in terms of the end-to-end automation process."
  • "They do have a confusing licensing structure."
  • "The price is around $5,000 USD."
  • More Parasoft SOAtest Pricing and Cost Advice →

  • "Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background."
  • "The pricing is pretty high."
  • "The worst part about the product is that it does not scale at all. Also, microservices apps will cost you a fortune."
  • "I think licensing needs to be changed or updated so that it works with adjustments. Pricing is expensive compared to the amount of scanning we perform."
  • "It's worth the value"
  • "Pricing seems fair for what is offered, and licensing has been no problem. All developers are able to get the access they need."
  • "It can be expensive to do this, so I would just make sure that you're getting the proper number of licenses. Do your analysis. Make sure you know exactly what it is you need, going in."
  • "The licensing and prices were upfront and clear. They stand behind everything that is said during the commercial phase and during the onboarding phase. Even the most irrelevant "that can be done" was delivered, no matter how important the request was."
  • More Veracode Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Application Security Testing (AST) solutions are best for your needs.
    765,234 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Since the solution has both command line and automation options, it generates good reports.
    Top Answer:Tuning the tool takes time because it gives quite a long list of warnings. Going through that is a challenge. It only happens in the initial stage when we are setting up the tool, but it can be… more »
    Top Answer:SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use… more »
    Top Answer:The SAST and DAST modules are great.
    Top Answer:The product’s price is a bit higher compared to other solutions. However, the tool provides good vulnerability and database features. It is worth the money.
    Ranking
    Views
    1,170
    Comparisons
    807
    Reviews
    4
    Average Words per Review
    440
    Rating
    7.0
    Views
    27,089
    Comparisons
    18,097
    Reviews
    97
    Average Words per Review
    972
    Rating
    8.1
    Comparisons
    SonarQube logo
    Compared 28% of the time.
    Checkmarx logo
    Compared 14% of the time.
    Snyk logo
    Compared 6% of the time.
    Fortify on Demand logo
    Compared 6% of the time.
    OWASP Zap logo
    Compared 4% of the time.
    Also Known As
    SOAtest
    Crashtest Security , Veracode Detect
    Learn More
    Parasoft
    Video Not Available
    Interactive Demo
    Overview

    Parasoft SOAtest delivers fully integrated API and web service testing capabilities that automate end-to-end functional API testing. Streamline automated testing with advanced codeless test creation for applications with multiple interfaces (REST & SOAP APIs, microservices, databases, and more).

    SOAtest reduces the risk of security breaches and performance outages by transforming functional testing artifacts into security and load equivalents. Such reuse, along with continuous monitoring of APIs for change, allows faster and more efficient testing.

    Veracode is a leading application security platform that helps organizations to develop and deliver secure software. Veracode's solution provides comprehensive capabilities for static analysis, dynamic analysis, software composition analysis, and manual penetration testing.

    Veracode's static analysis solution scans source code for various security vulnerabilities, including common web application attack vectors, injection flaws, cross-site scripting, and insecure direct object references. Veracode's dynamic analysis solution simulates real-world attacks to identify vulnerabilities that may not be detectable by static analysis alone. Veracode's software composition analysis solution scans open-source and third-party components for known vulnerabilities. Veracode's manual penetration testing service is performed by experienced security professionals who use a variety of techniques to identify vulnerabilities in software applications.

    Many organizations, including Fortune 500 companies, government agencies, and startups, use Veracode's solution. Veracode's customers rely on Veracode to help them to improve the security of their software applications and to reduce the risk of data breaches and other security incidents.

    Here are some of the benefits of using Veracode:

    • Veracode provides capabilities for static analysis, dynamic analysis, software composition analysis, and manual penetration testing to help organizations identify and fix security vulnerabilities in their software applications early in the development process.
    • Veracode helps organizations reduce the risk of data breaches and other security incidents by identifying and fixing security vulnerabilities in their software application. 
    • Veracode helps organizations to comply with industry regulations. Many industries have regulations that require organizations to implement security measures to protect their customers' data. Veracode's solution can help organizations to comply with these regulations by providing them with the tools and resources they need to identify and fix security vulnerabilities in their software applications.
    Offer
    Learn more about Parasoft SOAtest
    Keep your software secure

    Application security starts with secure code. Find out more about the benefits of using Veracode to keep your software secure throughout the development lifecycle.

    Sample Customers
    Charter Communications, Sabre, Caesars Entertainment, Charles Schwab, ING, Intel, Northbridge Financial, Capital Services, WoodmenLife
    Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.
    Top Industries
    REVIEWERS
    Financial Services Firm43%
    Government14%
    Manufacturing Company7%
    Energy/Utilities Company7%
    VISITORS READING REVIEWS
    Financial Services Firm32%
    Manufacturing Company14%
    Computer Software Company13%
    Government4%
    REVIEWERS
    Computer Software Company26%
    Financial Services Firm23%
    Insurance Company9%
    Comms Service Provider6%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company15%
    Manufacturing Company8%
    Government6%
    Company Size
    REVIEWERS
    Small Business22%
    Midsize Enterprise9%
    Large Enterprise69%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise9%
    Large Enterprise75%
    REVIEWERS
    Small Business31%
    Midsize Enterprise20%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise13%
    Large Enterprise70%
    Buyer's Guide
    Parasoft SOAtest vs. Veracode
    March 2024
    Find out what your peers are saying about Parasoft SOAtest vs. Veracode and other solutions. Updated: March 2024.
    765,234 professionals have used our research since 2012.

    Parasoft SOAtest is ranked 28th in Application Security Testing (AST) with 30 reviews while Veracode is ranked 2nd in Application Security Testing (AST) with 186 reviews. Parasoft SOAtest is rated 8.2, while Veracode is rated 8.2. The top reviewer of Parasoft SOAtest writes "Reliable with a good interface but uses too much memory". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Polyspace Code Prover and Apache JMeter, whereas Veracode is most compared with SonarQube, Checkmarx, Snyk, Fortify on Demand and OWASP Zap. See our Parasoft SOAtest vs. Veracode report.

    See our list of best Application Security Testing (AST) vendors.

    We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.