At CAST, we are busy making it simple for IT organizations to communicate, make informed decisions, protect sensitive data and continuously improve the safety and soundness of the software that runs business operations. We call this Software Intelligence, and it’s continuing to help companies save money while driving efficiency and improving software security.
Having worked with dozens of customers and many different versions of CAST Application Intelligence Platform, I am personally very excited about the latest General Availability Release (8.3.3). Not only does this latest version provide the most stable and high performing package of the 8.3 series to date, but the new functionalities it introduces represents several major milestone achievements for CAST.
As an existing CAST Application Intelligence Platform (AIP) user, here are a few things that you will find exciting about AIP 8.3.3:
1. Application Analytics Dashboard (AAD) is Re-Named CAST Management Dashboard
We are moving away from long names and acronyms. We’ve decided to call our main dashboard exactly what it is: CAST Management Dashboard.
2. CAST Management Dashboard Now Contains Tiles and REST API for Action Items
To help managers track the work that’s being assigned and completed without digging into the CAST Engineering Dashboard, the CAST Management Dashboard will now provide the number of action items outstanding and completed. Further, users will also be able to see the number of exclusions made. The data behind these new tiles will also be accessible via REST API.
3. Engineering Dashboard Now Supports Exclusions
The long-awaited functionality is here! You can now directly schedule violations for exclusion in the CAST Engineering Dashboard.
4. CAST Engineering Dashboard Now Allows Searching for Violations and Objects
In the object view, users will be able to search for objects by name. Most users will also notice a marked improvement in the results return speed.
5. Engineering Dashboard’s Code Viewer is Now Color Coded
To make findings easier to parse, syntax in the displayed source code is now color-coded.
6. Simplified Security Configuration and Expanded Coverage
With security on the top of many of our customers’ minds, we are focused on expanding our application security coverage as part of the Software Intelligence we provide. We are simplifying security configuration to get users to valuable security findings faster, out-of-the-box.
First, User Input Security detection for Java will now be automated through our new Security for Java extension. Second, Automated Blackboxing will help uncover vulnerabilities without any additional configuration! Lastly, we are expanding our CWE rule set to give you more complete coverage (and we are going to continue down this path):
7. Python is now Supported
As our customers begin to adopt more microservice architectures, we are responding. Python is one of the leading languages in the microservices space. We are happy to announce our new support of this technology!
8. Web Technology Analyzer is Available Out-of-the-Box and is Easier to Configure
9. NoSQL Databases for Java and .NET are now Supported
Another very important trend in software is leveraging the power of NoSQL databases. We are very pleased to introduce the support of MongoDB, MarkLogic, and Couchbase for Java and .NET based systems.
10. Architecture Checker has Template Models Out-of-the-Box
Architecture Checker has long been one our most popular modules for advanced AIP users. To make it more scalable and easier to adopt across the enterprise, common models will be included out of the box focusing on standard architecture for Java, .NET, and Mainframe systems.
If you’re not a current AIP user but would like to learn more, sign up for a free demo here!
Erik Oltmans, an Associate Partner from EY, Netherlands, spoke at the Software Intelligence Forum on how the consulting behemoth uses Software Intelligence in its Transaction Advisory services.
Erik describes the changing landscape of M & A. Besides the financial and commercial aspects, PE firms now equally value technical assessments, especially for targets with significant software assets. He goes on to detail how CAST Highlight makes these assessments possible with limited access to the targetâ€™s systems, customized quality metrics, and liability implications of open source components - all three that are critical for an M&A due diligence.