4 AIP Console Enhancements that Make Improving Software Quality a Piece of Cake (2019)

by

In August of 2019, we introduced AIP Console 1.11.  AIP Console is the central administration portal that we introduced in early 2019 to replace CMS.  AIP Console is web based and designed with the next generation of technologies and talent in mind. So, in other words, ease of use is our main objective with the final outcome to reduce the overhead of managing our platform, Application Intelligence Platform (AIP).  In the last few months, we’ve been working hard to make AIP Console even easier to operate, generating software intelligence even faster. We are pretty proud of what we’ve done, so here’s a quick summary!


  1. Intelligent and Automated Analysis based on Software Quality Objectives
    In addition to the already easy-to-use drag-and-drop analysis setup, users can now further fine tune the analysis by specifying her/his software intelligence objectives.  By selecting one or more of these objectives, AIP Console will automatically perform or exclude aspects of the analysis, balancing between speed and the level of results granularity.
    For example, by selecting “Data Safety Investigation” as the objective, AIP console will perform both the two additional steps during the analysis that validates links and maps data access down to table columns. This level of detail is not needed for a standard “Global Risk Assessment”.  

    AIP-console-automated analysis

  2. A New and More Accurate Framework Discoverer
    We introduced a framework discoverer that helps users detect frameworks outside of just coding language and databases.  Leveraging this capability, AIP console will recommend additional extensions to make the analysis more efficient and more precise.  To make it even easier, this new discoverer is able to visualize the interactions between the layers so users can inspect the relationships to double check its accuracy and improve quality.

    AIP-console-framework-discoverer


  3. Architecture Checker as Browser App
    For those of you who missed it in an earlier release, we made Architecture Checker a part of the AIP Console.  Architecture Checker was originally a thick-client application. We’ve also made some enhancements that allow users to leverage pre-set templates and apply standards to multiple applications with one click.  You can read more details about the latest Architecture Checker in a blog by my colleagues Jerome Chiampi.



  4. Improved Automation. Improved Software Quality
    We made a multitude of improvements to the automation of AIP via the AIP Console, making it easier for users to integrate their development and DevOps pipeline with AIP.  In this release, we’ve made it easy to create an application, deliver the inputs (source code, database, frameworks) and compute the snapshot in a single action. We’ve also introduced rescan automation for ongoing operation of AIP!

    By the way, we, the CAST research and development team, use AIP Console to run analysis on open source code everyday.  We have about 200 different apps in our platform, and we trigger an AIP analysis on 5 to 10 of them everyday randomly. We simply input the GitHub reference, and use this single action to automate the entire analysis for onboarding and rescan of multiple branches!


There are actually quite a few more enhancements we released last month, a few more coming this year. Subscribe to this blog for updates.

Interested to learn more? Connect with a CAST expert


Get the Pulse Newsletter  Sign up for the latest Software Intelligence news Subscribe Now <>
Open source is part of almost every software capability we use today. At the  very least libraries, frameworks or databases that get used in mission critical  IT systems. In some cases entire systems being build on top of open source  foundations. Since we have been benchmarking IT software for years, we thought  we would set our sights on some of the most commonly used open source software  (OSS) projects. Software Intelligence Report <> Papers
In our 29-criteria evaluation of the static application security testing (SAST)  market, we identified the 10 most significant vendors — CAST, CA Veracode,  Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock,  SonarSource, and Synopsys — and researched, analyzed, and scored them. This  report shows how each measures up and helps security professionals make the  right choice. Forrester Wave: Static Application Security Testing, Q4 2017  Analyst Paper
Making sense of cloud transitions for financial and telecoms firms Cloud  migration 2.0: shifting priorities for application modernization in 2019  Research Report
Damien Charlemagne
Damien Charlemagne Senior Product Manager
Damien is a Senior Product Manager at CAST and for the last decade has helped developers, technical leaders and C- Level executives understand complex architecture and software design. He is passionate about the constant evolution of IT systems at large enterprises and keeping stakeholders up-to-speed on emerging business technologies.
Load more reviews
Thank you for the review! Your review must be approved first
Rating
New code

You've already submitted a review for this item

|