We performed a comparison between Parasoft SOAtest and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution is scalable."
"We have seen a return on investment."
"Every imaginable source in the entire world of information technology can be accessed and used."
"Parasoft SOAtest has improved the quality of our automated web services, which can be easily implemented through service chaining and service virtualization."
"If you want something that’s not provided out of the box, then you can write it yourself and integrate it with SOAtest."
"We do a lot of web services testing and REST services testing. That is the focus of this product."
"Generating new messages, based on the existing .EDN and .XML messages, is a crucial part or the testing project that I’m currently in."
"The testing time is shortened because we generate test data automatically with SOAtest."
"The fact that the solution does security scanning is valuable."
"We advise all of our developers to have this solution in place."
"I like that it helps us maintain our work quality and code security."
"The customizable dashboard and ability to include results and coverage from unit test and other static analysis code tools."
"The SonarQube dashboard looks great."
"The static code analysis of the solution is the most important aspect for us. When it comes to security breaches within the code, we can leverage some rules to allow us to identify the repetition in our code and the possible targets that we may have. It makes it very easy to review our code for security purposes."
"It is an easy tool that you can deploy and configure. After that you can measure the history of your obligation and integrate it with other tools like GitLab or GitHub or Azure DevOps to do quality code analysis."
"This solution has the capability to analyze source code in almost all the languages in the market."
"Tuning the tool takes time because it gives quite a long list of warnings."
"The performance could be a bit better."
"From an automation point of view, it should have better clarity and be more user friendly."
"UI testing should be more in-depth."
"The product is very slow to start up, and that is a bit of a problem, actually."
"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu."
"Reports could be customized and more descriptive according to the user's or company's requirements."
"Compatibility with HTTP 1.1 and TLS 1.2 needs to be improved."
"The interface could be a little better and should be enhanced."
"If there was an official Docker image of SonarQube that could easily integrate into the pipeline would help the user to plug in and plug out and use it directly without any custom configuration. I am not sure if this is being offered already in an update but it would be very helpful."
"We're in the process of figuring out how to automate the workflow for QA audit controls on it. I think that's perhaps an area that we could use some buffing. We're a Kubernetes shop, so there are some things that aren't direct fits, which we're struggling with on the component Docker side. But nothing major."
"We found a solution with dynamic testing, and are looking to find a solution that can be used for both types of testing."
"SonarQube is not development-centric like Snyk."
"We have tens of millions of code to be analyzed and processed. There can be some performance degradation if we are applying Sonar Link to large code or code that is complex. When the code had to be analyzed is when we ran into the main issues. There were several routines involved to solve those performance issues but this process should be improved."
"The pricing could be reduced a bit. It's a little expensive."
"We previously experienced issues with security but a segregated security violation has been implemented and the issues we experienced are being fixed."
Parasoft SOAtest is ranked 28th in Application Security Testing (AST) with 30 reviews while SonarQube is ranked 1st in Application Security Testing (AST) with 108 reviews. Parasoft SOAtest is rated 8.2, while SonarQube is rated 8.0. The top reviewer of Parasoft SOAtest writes "Reliable with a good interface but uses too much memory". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Parasoft SOAtest is most compared with Postman, Coverity, Polyspace Code Prover, Klocwork and ReadyAPI, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Parasoft SOAtest vs. SonarQube report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.