We performed a comparison between Parasoft SOAtest and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The testing time is shortened because we generate test data automatically with SOAtest."
"Automatic testing is the most valuable feature."
"They have a feature where they can record traffic and create tests on the report traffic."
"If you want something that’s not provided out of the box, then you can write it yourself and integrate it with SOAtest."
"We can automate our scenarios in a data driven format, which shows there is no rework on scripts. We only need to update the test data and run for a number of scenarios."
"Technical support is helpful."
"We have seen a return on investment."
"Since the solution has both command line and automation options, it generates good reports."
"This has improved our organization because it has helped to find Security Vulnerabilities."
"There are many options and examples available in the tool that help us fix the issues it shows us."
"We advise all of our developers to have this solution in place."
"Apart from the security point of view, I like that it makes it easy to detect code smells and other issues in terms of code quality and standards."
"The static code analysis of the solution is the most important aspect for us. When it comes to security breaches within the code, we can leverage some rules to allow us to identify the repetition in our code and the possible targets that we may have. It makes it very easy to review our code for security purposes."
"Engineers have also learned from the results and have improved themselves as engineers. This will help them with their careers."
"The most valuable features are code scanning and Quality Gates."
"We are using the Community edition. So, we don't have to incur any licensing costs. This is the best part."
"UI testing should be more in-depth."
"Reporting facilities can be better."
"From an automation point of view, it should have better clarity and be more user friendly."
"During the process of working with SOAtest and building test cases, the .TST files will grow. A negative side effect is that saving your changes takes more time."
"Reports could be customized and more descriptive according to the user's or company's requirements."
"The summary reports could be improved."
"The performance could be a bit better."
"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu."
"There is no automation. You need to put the code there and test. You then pull the results and put them back in the development environment. There is no integration with the development environment. We would like it to be integrated with our development environment, which is basically the CI/CD pipeline or the IDE that we have."
"The product's pricing could be lower."
"Our developers have complained about the Quality Gates and the number of false positives that this product reports."
"We could use some team support, but since we are using the community version, it's not available."
"In the next release, I would like to have notifications because now, it is a bit difficult. I think that's a feature which we could add there and it would benefit the users as well. For every full request, they should be able to see their bugs or vulnerability directly on the surface."
"There needs to be a shareable reporting piece or something we can click and generate easily."
"Dynamic scanning is missing and there are some issues with security scanning."
"I would like to see SonarQube implement a good amount of improvements to the product's security features. Another aspect of SonarQube that could be improved is the search functionality."
Parasoft SOAtest is ranked 28th in Static Application Security Testing (SAST) with 30 reviews while SonarQube is ranked 1st in Static Application Security Testing (SAST) with 110 reviews. Parasoft SOAtest is rated 8.2, while SonarQube is rated 8.0. The top reviewer of Parasoft SOAtest writes "Reliable with a good interface but uses too much memory". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Parasoft SOAtest is most compared with Postman, Coverity, Polyspace Code Prover, Klocwork and ReadyAPI, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Parasoft SOAtest vs. SonarQube report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.