Parasoft SOAtest and SonarQube Cloud compete in the software quality assurance sector, catering respectively to API testing and code quality and security. Parasoft SOAtest appears to have an advantage due to its efficient test pattern generation and reduced manual testing efforts, resulting in higher cost-effectiveness despite complex licensing concerns.
Features: Parasoft SOAtest allows the rapid setup of functional test scenarios using WSDL web service descriptions and XSD message specifications. It supports data-driven testing with diverse data sources and includes a variety of validation and verification tools. Custom scripting integration and extensive protocol support enhance its testing capabilities. SonarQube Cloud focuses on continuous code analysis and provides comprehensive insights into code duplication, unit test coverage, and security hotspots. It integrates well with version control tools and is particularly effective in discovering vulnerabilities and security issues with an easy-to-use interface.
Room for Improvement: Parasoft SOAtest could improve by simplifying its complex licensing and enhancing user-friendliness for less experienced users. Better integration documentation for cloud services and more competitive pricing options for small enterprises could expand its reach. SonarQube Cloud requires improved documentation for seamless integration into CI/CD pipelines and could benefit from reducing false positives in code analysis. Expanding feature sets in budget-friendly packages would also make the tool more attractive to smaller companies.
Ease of Deployment and Customer Service: Parasoft SOAtest boasts a straightforward deployment and provides extensive support through a dedicated team that aids customization. The UI is user-friendly, aiding ease of use. SonarQube Cloud is SaaS-based, offering an easy setup with minimal maintenance. However, large enterprises might face challenges with integration support and documentation, while customer service is robust overall.
Pricing and ROI: Parasoft SOAtest offers a good ROI given its ability to build test patterns efficiently, although some users find it expensive due to its complex licensing. SonarQube Cloud is priced based on lines of code, which can be economical for small-scale projects but becomes costly for larger codebases. It provides excellent insights for improving code quality, contributing to good ROI, although costs may become prohibitive for extensive projects.
We found Parasoft SOAtest to be quick in building up test patterns, allowing us to create complex tests efficiently.
It is easily integrable with the CI/CD pipeline and supports multiple projects with its extensive plugin options.
The product is designed for bigger clients, while smaller companies are often put aside.
The customer service and support for SonarQube Cloud are responsive and helpful.
Integrating it into different solutions is straightforward.
There are limitations, and it seems to have fewer capabilities than Veracode.
It has been used in multiple projects and performs well.
SonarQube Cloud is a scalable product, and I rate its scalability at seven out of ten.
From my team's feedback, it is almost an eight out of ten.
It is a quite stable solution.
It did not support enough of the protocols or cryptography formats we needed, which led us to create our own solutions.
In terms of improvements for Parasoft SOAtest, some features could be added or perhaps existing areas could be improved, such as lowering prices.
I would like to see SonarQube Cloud provide more detailed solutions for fixing code issues, especially solutions related to CVEs.
I need a solution that can bring together three key areas: vulnerabilities, static scanning, and misarchitecture.
Static code analysis is good, but the product lacks dynamic code scanning capabilities, an area where Veracode excels.
Parasoft SOAtest is expensive, but it was acquired because the company was dissatisfied with Quick Test Pro.
SonarQube Cloud is roughly equivalent in cost to Veracode, maybe a little cheaper.
From my experience, SonarQube Cloud (formerly SonarCloud) is very expensive for small companies.
We used the open-source version of SonarQube Cloud for its minimum features and did not license its extensive capabilities.
Parasoft SOAtest improves the quality of the application, increases security and security compliance, and it is a cost-effective tool.
Parasoft SOAtest is very good at ensuring tests don't pass or fail until they genuinely pass or fail.
It is integrated easily with the CI/CD pipeline, saving time and cost.
The most valuable features of SonarQube Cloud (formerly SonarCloud) include code inspection, addressing technical debt, and identifying security vulnerabilities.
I find SonarQube Cloud very easy to use and simple to integrate initially.
Parasoft SOAtest delivers fully integrated API and web service testing capabilities that automate end-to-end functional API testing. Streamline automated testing with advanced codeless test creation for applications with multiple interfaces (REST & SOAP APIs, microservices, databases, and more).
SOAtest reduces the risk of security breaches and performance outages by transforming functional testing artifacts into security and load equivalents. Such reuse, along with continuous monitoring of APIs for change, allows faster and more efficient testing.
SonarQube Cloud offers static code analysis and application security testing, seamlessly integrating into CI/CD pipelines. It's a vital tool for identifying vulnerabilities and ensuring code quality before deployment.
SonarQube Cloud is widely used for its ability to integrate with tools like GitHub, Jenkins, and Bitbucket, providing critical feedback at the pull request level. It's designed to help organizations maintain clean code by acting as a quality gate. This service supports development methodologies including sprints and Kanban for ongoing vulnerability management. While appreciated for its dashboard and integration capabilities, some users find initial setup challenging and note the need for enhanced documentation. The recent addition of mono reports and microservices support offers deeper insights into security and code quality, though container testing limitations and false positives are noted drawbacks. Manual intervention is sometimes required to address detailed reporting, with external tools being necessary for comprehensive analysis. Notifications for larger teams during serious issues and streamlined integration of new features are also areas of improvement.
What are the key features of SonarQube Cloud?In specific industries, SonarQube Cloud finds application in finance and healthcare where code integrity and security are paramount. It allows teams to identify critical vulnerabilities early and ensures that software development aligns with industry regulations and standards. By continuously analyzing code, it aids organizations in deploying secure and reliable applications, fostering trust and compliance.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
