Parasoft SOAtest vs SonarQube comparison

Cancel
You must select at least 2 products to compare!
Parasoft Logo
3,876 views|2,596 comparisons
Sonar Logo
87,335 views|71,190 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Parasoft SOAtest and SonarQube based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, GitLab and others in Application Security Testing (AST).
To learn more, read our detailed Application Security Testing (AST) Report (Updated: November 2022).
656,474 professionals have used our research since 2012.
Featured Review
Use Parasoft SOAtest?
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Good write and read files which save execution inputs and outputs and can be stored locally."

More Parasoft SOAtest Pros →

"It is an easy tool that you can deploy and configure. After that you can measure the history of your obligation and integrate it with other tools like GitLab or GitHub or Azure DevOps to do quality code analysis.""The most valuable features are that it is user-friendly, easy to access, and they provide good training files.""The reporting and the results are quick. It gets integrated within the pipeline well.""The most valuable feature of SonarQube I have found to be the configuration that has allowed us to can make adjusts to the demands of the code review. It gives a specified classification regarding the skill, prioritization, and it is easy for me to review and make my code.""The solution can verify vulnerabilities, code smells, and hotspots. It makes the software more secure and it helps make a junior or novice developer sharper.""Some of the most valuable features have been the latest up-to-date of the OWASP, the monitoring, the reporting, and the ease of use with the IDE plugins, in terms of integration.""It is a good deal compared to all other tools on the market.""The solution has a wide variety of features and an open-source community that you are able to learn Java, JavaScript, or any other programing language."

More SonarQube Pros →

Cons
"From an automation point of view, it should have better clarity and be more user friendly."

More Parasoft SOAtest Cons →

"Having performance regression would be a helpful add on or ability to be able to do during the scan.""The BPM language is important and should be considered in SonarQube.""The exporting capabilities could be improved. Currently, exporting is fully dependent on the SonarQube environment.""We had some issues scanning the master branch but when we upgraded to version 7.9 we noticed it does scan the master branch but we had to do a workaround for it to happen. This process could be improved in a future release.""SonarQube could be improved with more dynamic testing—basically, now, it's a static code analysis scan. For example, when the developer writes the code and does the corresponding unit test, he can cover functional and non-functional. So the SonarQube could be improved by helping to execute unit tests and test dynamically, using various parameters, and to help detect any vulnerabilities. Currently, it'll just give the test case and say whether it passes or fails—it won't give you any other input or dynamic testing. They could use artificial intelligence to build a feature that would help developers identify and fix issues in the early stages, which would help us deliver the product and reduce costs. Another area with room for improvement is in regard to automating things, since the process currently needs to be done manually.""There needs to be a shareable reporting piece or something we can click and generate easily.""This is a well-rounded solution, however, some features could be made available on the free version. The price of the solution could be reduced.""Dynamic scanning is missing and there are some issues with security scanning."

More SonarQube Cons →

Pricing and Cost Advice
Information Not Available
  • "It's a bit expensive for us. The currency rate of the dollar is a problem but it may be fine for other countries."
  • "I think comparing the product to competitors it should be less expensive."
  • "The development license cost is reasonable, and we've had no concerns about SonarQube when it comes to cost."
  • "We use the free version; there are no hidden costs or licensing required."
  • "We have a license with 125,000 lines of code. We did not purchase a lot of lines but it is specific to our code environment."
  • "I use the full trial version of SonarQube."
  • "There are many different packages with different pricing options available. We are able to try what we have and if we need extra features we can upgrade the license."
  • "The beauty of this solution is the free open-source version is capable enough in doing pretty much what an enterprise-level version can do."
  • More SonarQube Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Application Security Testing (AST) solutions are best for your needs.
    656,474 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:From an automation point of view, it should have better clarity and be more user friendly. Some aspects were difficult and therefore less useful for us, perhaps we lack the coding knowledge on that.
    Top Answer:We are a large company based in India. The primary use case of this solution is for our REST architecture. Parasoft uses different languages like JSON, XML and SORBS. It's like an API testing tool and… more »
    Top Answer:In general, this is a hassle free, user friendly tool and it doesn't require much knowledge if you're using the manual testing. Automated testing is also good but requires some knowledge in that… more »
    Top Answer:I am not very familiar with SonarQube and their solutions, so I can not answer. But if you are asking me about which tools that are the best for for Static Code Analysis, I suggest you have  a look… more »
    Top Answer:SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use… more »
    Top Answer:We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing… more »
    Ranking
    Views
    3,876
    Comparisons
    2,596
    Reviews
    1
    Average Words per Review
    458
    Rating
    7.0
    Views
    87,335
    Comparisons
    71,190
    Reviews
    47
    Average Words per Review
    470
    Rating
    8.0
    Comparisons
    Also Known As
    SOAtest
    Sonar
    Learn More
    Overview
    Parasoft SOAtest is widely recognized as the leading enterprise-grade solution for API testing and API integrity. Thoroughly test composite applications with robust support for REST and web services, plus an industry-leading 120+ protocols/message types.

    SonarQube is the leading tool for continuously inspecting Code Quality and Code Security, and guiding development teams during code reviews. SonarQube provides clear remediation guidance for 27 languages so developers can understand and fix issues, and so teams can deliver better and safer software. SonarQube integrates into your workflow to provide the right feedback at the right time: in-IDE with SonarLint, in pull requests, and in SonarQube itself. With over 225,000 deployments helping small development teams and global organizations, SonarQube provides the means for teams and companies around the world to own and impact their Code Quality and Code Security.

    Offer
    Learn more about Parasoft SOAtest
    Learn more about SonarQube
    Sample Customers
    Lufthansa, Siemens, DirecTV, NZ Bank
    Bank of America, Siemens, Cognizant, Thales, Cisco, eBay
    Top Industries
    REVIEWERS
    Financial Services Firm46%
    Government15%
    Manufacturing Company8%
    Energy/Utilities Company8%
    VISITORS READING REVIEWS
    Financial Services Firm22%
    Computer Software Company18%
    Manufacturing Company10%
    Comms Service Provider7%
    REVIEWERS
    Computer Software Company22%
    Financial Services Firm21%
    Comms Service Provider10%
    Insurance Company7%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Financial Services Firm17%
    Comms Service Provider10%
    Manufacturing Company8%
    Company Size
    REVIEWERS
    Small Business21%
    Midsize Enterprise11%
    Large Enterprise68%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise11%
    Large Enterprise75%
    REVIEWERS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise56%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise12%
    Large Enterprise73%
    Buyer's Guide
    Application Security Testing (AST)
    November 2022
    Find out what your peers are saying about Sonar, Veracode, GitLab and others in Application Security Testing (AST). Updated: November 2022.
    656,474 professionals have used our research since 2012.

    Parasoft SOAtest is ranked 22nd in Application Security Testing (AST) with 1 review while SonarQube is ranked 1st in Application Security Testing (AST) with 49 reviews. Parasoft SOAtest is rated 7.0, while SonarQube is rated 8.0. The top reviewer of Parasoft SOAtest writes "Good API testing and RIT feature; clarity could be improved". On the other hand, the top reviewer of SonarQube writes "Open-source, stable, and finds the problems for you and tells you where they are". Parasoft SOAtest is most compared with Postman, ReadyAPI Test, Coverity, Tricentis Tosca and Klocwork, whereas SonarQube is most compared with Checkmarx, Veracode, Coverity, Snyk and Sonatype Nexus Lifecycle.

    See our list of best Application Security Testing (AST) vendors.

    We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.