We performed a comparison between Parasoft SOAtest and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Technical support is helpful."
"The solution is scalable."
"If you want something that’s not provided out of the box, then you can write it yourself and integrate it with SOAtest."
"We do a lot of web services testing and REST services testing. That is the focus of this product."
"Good write and read files which save execution inputs and outputs and can be stored locally."
"We have seen a return on investment."
"Every imaginable source in the entire world of information technology can be accessed and used."
"The testing time is shortened because we generate test data automatically with SOAtest."
"The tool helps us to monitor and manage violations. It manages the bugs and security violations."
"It provides the security that is required from a solution for financial businesses."
"The good thing with SonarQube is it covers a lot of issues, it's a very robust framework."
"It is a very good tool for analysis and security vulnerability checking."
"The solution's user interface is very user-friendly."
"The product is simple."
"SonarQube is a fantastic tool which saves us precious time."
"The most valuable feature of this solution is that it is free."
"During the process of working with SOAtest and building test cases, the .TST files will grow. A negative side effect is that saving your changes takes more time."
"The feedback that we received from the DevOps of our organization was that the tool was a little heavy from the transformation perspective."
"Reporting facilities can be better."
"The product is very slow to start up, and that is a bit of a problem, actually."
"The summary reports could be improved."
"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu."
"Parasoft SOAtest has an internal refresh function where you can refresh the software to show the changes you’ve made in your projects. Unfortunately this function does not work properly, because it often does not show the changes after you’ve hit te refresh button a few times."
"Compatibility with HTTP 1.1 and TLS 1.2 needs to be improved."
"I find it is light on the security side."
"It would be better if SonarQube provided a good UI for external configuration."
"The product provides false reports sometimes."
"We previously experienced issues with security but a segregated security violation has been implemented and the issues we experienced are being fixed."
"The product must improve security analysis."
"In terms of what can be improved, the areas that need more attention in the solution are its architecture and development."
"Code security could be better. They are already focusing on it, but I see a lot of improvement opportunities over there. I can see a lot of false positives in terms of security. They need to make the tests more accurate so that the false positives are not detected so frequently. It would also help if they provided us with an installer."
"A better design of the interface and add some new rules."
Parasoft SOAtest is ranked 28th in Static Application Security Testing (SAST) with 30 reviews while SonarQube is ranked 1st in Static Application Security Testing (SAST) with 110 reviews. Parasoft SOAtest is rated 8.2, while SonarQube is rated 8.0. The top reviewer of Parasoft SOAtest writes "Good API testing and RIT feature; clarity could be improved". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Parasoft SOAtest is most compared with Postman, Coverity, Polyspace Code Prover, Klocwork and ReadyAPI, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Parasoft SOAtest vs. SonarQube report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.