We performed a comparison between Parasoft SOAtest and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution is scalable."
"They have a feature where they can record traffic and create tests on the report traffic."
"We can automate our scenarios in a data driven format, which shows there is no rework on scripts. We only need to update the test data and run for a number of scenarios."
"Every imaginable source in the entire world of information technology can be accessed and used."
"The testing time is shortened because we generate test data automatically with SOAtest."
"We do a lot of web services testing and REST services testing. That is the focus of this product."
"Technical support is helpful."
"We have seen a return on investment."
"When comparing other static code analysis tools, SonarQube has fewer false-positive issues being reported. They have a lot of support for different tech stacks. It covers the entire developer community which includes Salesforce or it could be the regular Java.net project. It has actually sufficed all the needs in one tool for static code analysis."
"The code coverage feature is very good."
"Engineers have also learned from the results and have improved themselves as engineers. This will help them with their careers."
"It easily ties into our continuous integration pipeline."
"The most valuable features are the analysis and detection of issues within the application code."
"The integrations SonarQube provides with our software delivery pipeline are very seamless."
"SonarQube is useful for controlling all of our Azure task tracking and scanning."
"Issue Explanations: Documentation with detailed samples. Helps in growing technical knowledge and re-writing logic to conforming solutions."
"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu."
"Tuning the tool takes time because it gives quite a long list of warnings."
"Parasoft SOAtest has an internal refresh function where you can refresh the software to show the changes you’ve made in your projects. Unfortunately this function does not work properly, because it often does not show the changes after you’ve hit te refresh button a few times."
"The feedback that we received from the DevOps of our organization was that the tool was a little heavy from the transformation perspective."
"The summary reports could be improved."
"The product is very slow to start up, and that is a bit of a problem, actually."
"During the process of working with SOAtest and building test cases, the .TST files will grow. A negative side effect is that saving your changes takes more time."
"UI testing should be more in-depth."
"I am not very pleased with the technical debt computation."
"The product needs to integrate other security tools for security scanning."
"Currently requires multiple tools, lacking one overall tool."
"We previously experienced issues with security but a segregated security violation has been implemented and the issues we experienced are being fixed."
"We have tens of millions of code to be analyzed and processed. There can be some performance degradation if we are applying Sonar Link to large code or code that is complex. When the code had to be analyzed is when we ran into the main issues. There were several routines involved to solve those performance issues but this process should be improved."
"The reporting is good, but I am not able to download a specific report as a PDF, so downloading reports is something that should be looked at."
"For improvement, this solution could be offered on Docker and the cloud and the support for this solution could be improved. Customizing rules could also be made simpler."
"New plug-ins should be integrated into SonarCloud to give more flexibility to the product."
Parasoft SOAtest is ranked 28th in Application Security Testing (AST) with 30 reviews while SonarQube is ranked 1st in Application Security Testing (AST) with 108 reviews. Parasoft SOAtest is rated 8.2, while SonarQube is rated 8.0. The top reviewer of Parasoft SOAtest writes "Reliable with a good interface but uses too much memory". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Parasoft SOAtest is most compared with Postman, Coverity, Polyspace Code Prover, Klocwork and ReadyAPI, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Parasoft SOAtest vs. SonarQube report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.