We performed a comparison between Parasoft SOAtest and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We do a lot of web services testing and REST services testing. That is the focus of this product."
"The testing time is shortened because we generate test data automatically with SOAtest."
"We can automate our scenarios in a data driven format, which shows there is no rework on scripts. We only need to update the test data and run for a number of scenarios."
"Every imaginable source in the entire world of information technology can be accessed and used."
"The solution is scalable."
"We have seen a return on investment."
"Good write and read files which save execution inputs and outputs and can be stored locally."
"They have a feature where they can record traffic and create tests on the report traffic."
"I like that it has a better dashboard compared to Clockwork. It's also stable."
"It is working fine. It provides a good value for money."
"We have worked with the support from SonarQube and we have had good experiences."
"The tool helps us to monitor and manage violations. It manages the bugs and security violations."
"The SonarQube dashboard looks great."
"Some of the most valuable features have been the latest up-to-date of the OWASP, the monitoring, the reporting, and the ease of use with the IDE plugins, in terms of integration."
"We advise all of our developers to have this solution in place."
"It easily ties into our continuous integration pipeline."
"The feedback that we received from the DevOps of our organization was that the tool was a little heavy from the transformation perspective."
"UI testing should be more in-depth."
"The product is very slow to start up, and that is a bit of a problem, actually."
"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu."
"Reports could be customized and more descriptive according to the user's or company's requirements."
"During the process of working with SOAtest and building test cases, the .TST files will grow. A negative side effect is that saving your changes takes more time."
"Tuning the tool takes time because it gives quite a long list of warnings."
"The summary reports could be improved."
"The implementation of the solution is straightforward. However, we did have some initial initialization issues at the of the projects. I don't think it was SonarQube's fault. It was the way it was implemented in our organization because it's mainly integrated with many software, such as Jira, Confluence, and Butler."
"For improvement, this solution could be offered on Docker and the cloud and the support for this solution could be improved. Customizing rules could also be made simpler."
"SonarQube needs to improve its support model. They do not work 24/7, and they do not provide weekend support in case things go wrong. They only have a standard 8:00 am to 5:00 pm support model in which you have to raise a support ticket and wait. The support model is not effective for premium customers."
"New plug-ins should be integrated into SonarCloud to give more flexibility to the product."
"This solution finds issues that are similar to what is found by Checkmarx, and it would be nice if the overlap could be eliminated."
"The solution could improve by providing more advanced technologies."
"Our developers have complained about the Quality Gates and the number of false positives that this product reports."
"This is a well-rounded solution, however, some features could be made available on the free version. The price of the solution could be reduced."
Parasoft SOAtest is ranked 28th in Static Application Security Testing (SAST) with 30 reviews while SonarQube is ranked 1st in Static Application Security Testing (SAST) with 110 reviews. Parasoft SOAtest is rated 8.2, while SonarQube is rated 8.0. The top reviewer of Parasoft SOAtest writes "Good API testing and RIT feature; clarity could be improved". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Parasoft SOAtest is most compared with Postman, Coverity, Polyspace Code Prover, Klocwork and ReadyAPI, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Parasoft SOAtest vs. SonarQube report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.