At CAST, we are busy making it simple for IT organizations to communicate, make informed decisions, protect sensitive data and continuously improve the safety and soundness of the software that runs business operations. We call this Software Intelligence, and it’s continuing to help companies save money while driving efficiency and improving software security.
Having worked with dozens of customers and many different versions of CAST Application Intelligence Platform, I am personally very excited about the latest General Availability Release (8.3.3). Not only does this latest version provide the most stable and high performing package of the 8.3 series to date, but the new functionalities it introduces represents several major milestone achievements for CAST.
As an existing CAST Application Intelligence Platform (AIP) user, here are a few things that you will find exciting about AIP 8.3.3:
1. Application Analytics Dashboard (AAD) is Re-Named Health Dashboard
We are moving away from long names and acronyms. We’ve decided to call our main dashboard exactly what it is: Health Dashboard.
2. Health Dashboard Now Contains Tiles and REST API for Action Items
To help managers track the work that’s being assigned and completed without digging into the Engineering Dashboard, the Health Dashboard will now provide the number of action items outstanding and completed. Further, users will also be able to see the number of exclusions made. The data behind these new tiles will also be accessible via REST API.
3. Engineering Dashboard Now Supports Exclusions
The long-awaited functionality is here! You can now directly schedule violations for exclusion in the Engineering Dashboard.
4. Engineering Dashboard Now Allows Searching for Violations and Objects
In the object view, users will be able to search for objects by name. Most users will also notice a marked improvement in the results return speed.
5. Engineering Dashboard’s Code Viewer is Now Color Coded
To make findings easier to parse, syntax in the displayed source code is now color-coded.
6. Simplified Security Configuration and Expanded Coverage
With security on the top of many of our customers’ minds, we are focused on expanding our application security coverage as part of the Software Intelligence we provide. We are simplifying security configuration to get users to valuable security findings faster, out-of-the-box.
First, User Input Security detection for Java will now be automated through our new Security for Java extension. Second, Automated Blackboxing will help uncover vulnerabilities without any additional configuration! Lastly, we are expanding our CWE rule set to give you more complete coverage (and we are going to continue down this path):
- CWE-134: Avoid uncontrolled format string
- CWE-434: Content type should be checked when receiving a HTTP Post
- CWE-672: Expired or Released Resource should not be used
- CWE-681: Avoid numerical data corruption during incompatible mutation
- CWE-798: Use of Hard-coded Credentials
7. Python is now Supported
As our customers begin to adopt more microservice architectures, we are responding. Python is one of the leading languages in the microservices space. We are happy to announce our new support of this technology!
8. Web Technology Analyzer is Available Out-of-the-Box and is Easier to Configure
9. NoSQL Databases for Java and .NET are now Supported
Another very important trend in software is leveraging the power of NoSQL databases. We are very pleased to introduce the support of MongoDB, MarkLogic, and Couchbase for Java and .NET based systems.
10. Architecture Checker has Template Models Out-of-the-Box
Architecture Checker has long been one our most popular modules for advanced AIP users. To make it more scalable and easier to adopt across the enterprise, common models will be included out of the box focusing on standard architecture for Java, .NET, and Mainframe systems.
If you’re not a current AIP user but would like to learn more, sign up for a free demo here!