![Checkmarx One vs. IMMUNIO [EOL] report](https://www.peerspot.com/assets/media/images/icons/pdf-80836ec5.svg){kind=icon}
![IMMUNIO [EOL] Logo](https://images.peerspot.com/image/upload/c_scale,f_auto,q_auto,w_64/LEBvWWQ5Zco5MzhK9y1usQ4J.png)
![IMMUNIO [EOL] Logo](https://images.peerspot.com/image/upload/c_scale,f_auto,q_auto,w_30/LEBvWWQ5Zco5MzhK9y1usQ4J.png){kind=small}
![IMMUNIO [EOL] Logo](https://images.peerspot.com/image/upload/c_scale,f_auto,q_auto,w_40/LEBvWWQ5Zco5MzhK9y1usQ4J.png){kind=small}
The interactive application security testing, or IAST, where code scans are being ran on an application that lives in a runtime environment on a server or virtual machine, needs improvement. There was limited support from different languages. It didn't support everything under the sun, so you would lose revenue since you didn't have support for Scala or some other language that your developer was fluent in. They needed to improve on language support. That is about it, really. The dev team did everything that they said they were going to do. If they said they were going to hit a mark, they'd hit a mark. That release would come out. Typically, they would do four major releases a year, quarterly, with two-point releases in between, or based on any additional hotfixes that may be needed. In most cases, however, IAST was the part of the product that needed to be improved the most. Codebashing is a really cool product from the aspect of teaching developers how to write secure code. However, it would be even cooler if you could not only point out and teach someone how to do it while also making the appropriate recommendation on how to rewrite the code itself, using machine learning or AI. Instead of you, the developer learning how to do it and then writing the code yourself, it'd be cooler if you could push a button, have it analyzed, scans the code, find the code, find the issue within the line of code, and then go ahead and automatically rewrite that code for you. Then, by repetition, it just teaches you through muscle memory how to do that as opposed to, "Hey, you've found this problem. This is where the problem's located, within this particular line of code." Right now, do you know how to rewrite Java? Well, if you're not familiar with how to do that, then go push on this button. Now, take this test and go through this exercise.” It doesn't make a recommendation. It's not like providing a script that fixes the problem. It's just teaching you on how to write the code in that form in that manner.
