CAST Dashboards 2019 – The story so far

by

We are already in the mid of Q3. Few more months and we will be welcoming the new year. As always, we have been in a relentless pursuit to enable our users with the benefits of Software Intelligence – the unprecedented visibility of your software. This year is no different. As the Product Manager for CAST Dashboards, I would like to take this opportunity to share some of the progress that we have made so far, this year.

CAST Engineering Dashboard Decommissioning 

Very important update for us this year. We plan to decommission legacy CED (CAST Engineering Dashboard) with AIP 8.4 release, replacing it with a completely revamped and improved version.  CED has been our favorite child for a long time. CAST users loved CED, therefore, we had our task cut out.

The latest version of Health and Engineering Dashboard(1.11) not only covers majority of the legacy CED functionalities but also includes some of the additional features that are tailor-made for the current need of our users – Appmarq Benchmark insights, Jira integration out of the box, Industry-standard compliance insight, continuous improvement, a dedicated reporting features, etc.,  to name a few.

The revamped version has already been rolled out to multiple customers and I am glad to share that we have received overwhelmingly positive feedback for the new Dashboards. We wish to continue on this path and complete the migration for all customers before the end of this year.

Benchmark insight in Health Dashboard

Appmarq Benchmark is an integral part of CAST product suites.

For those who are not familiar with Appmarq, CAST Appmarq is the largest Software Intelligence repository, built on thousands of analyzed applications from over 400+ organizations across major industry verticals, computed from 3 Billion+ lines of code comprised of 35+ different technologies. Industry leaders use Appmarq to benchmark their applications across the various dimensions in order to achieve comparative insights against peers and competition make informed decisions (like build vs buy), and to identify where remediation needs to be prioritized.

The Appmarq benchmark score is now available by default in Health Dashboard for our users. Users can now see the compliance benchmark score at rules level and tech criteria level and find out about the quartile information at Health measure level by default in Health Dashboard.

Appmarq-in-health-dashboard  

Industry compliance insights in Dashboard


CISQ-reliability
The market for Software risk analysis is increasingly becoming standard driven. With the advent of global industry standards such as – CISQ, OWASP, CWE, STIG, NIST, etc., increasingly, our users are adopting insights driven by the standards. We, at CAST, acknowledged the need for the users and enabled some of the dedicated insights for industry standard, with the help of Quality Standard mapping extension, we have mapped majority of our CAST rules with the applicable standards. The new-gen Dashboards enables users to create specific tiles for a standard and publish the violations against a particular standard. The tiles give the drill-down opportunity for the users for in-depth investigation. Also, we have included brand-new reports pertaining to the compliance of each standard available directly for download from the Dashboard itself.

Industry-compliance-dashboard

  

Developer Education & Continuous improvement

We understand the need of the engineering team to continuously improve and educating the developers in order to help them deliver better quality, risk-free software. With CAST Dashboard version 1.8, we are pleased to announce the launch of the “Education & Continuous Improvement” feature where a Dev manager can select certain rules for developer’s education, communicate with the team about the importance of the rules with documentation, then monitor the rules for continuous improvement. Here is the post that describes how the feature works.

Developer-education 

Advanced Search to identify violations

We have built a brand-new super-fast search wizard for our users to identify violations quickly and easily. Many of our customers employ different strategies to mitigate CAST violations – Advanced search has been designed in a way that users find it easy to focus on the violations based on their various needs. We tried to cover majority of the use-cases that our customers have reported to us.

Advanced-search-for-violations  

Dashboard Reporting

Many of our existing CAST users know about our Reporting product called “Report generator”. Over the years, Report generator has been our key reporting Engine. The biggest leap we have made in terms of reporting is that now we have the reporting capability integrated directly with the Dashboard. That means – users can now directly download reports from Dashboard without having them to install and login to Report Generator every time they wish to generate reports.

Now the biggest advantage with this feature is that we have used Report Generator as the processing Engine. So, the core mechanism and look and feel of the reports remain the same as it was there with the Report generator.

The Dashboard Reporting functionality essentially deals with three categories of reports-

  1. Industry Standard Compliance Report – Where users can download the CISQ, OWASP, CWE, STIG, NIST compliance reports directly from the Dashboard.
  2. Miscellaneous Report – There are few very important, ready-made, metric-driven reports available for download.
  3. Custom Reports – There is a provision that users can create their own templates and generate reports, allowing them to modify the component and design based on their needs.
Dashboard-reporting

Inbuilt Jira Integration

The Atlassian Jira ticket creation is now enabled in the Action Plan view.

CAST Dashboards now can integrate with the Jira and end-users can trigger Jira tickets directly from the Dashboard itself. The Dashboard also populates the Jira ticket id in the Action Plan table, allowing users to seamlessly browse issues between CAST and Jira.

What Else?

Well, this is not all. We have plenty of other new features as well. So,  click here to check out the release notes for the recent releases in order to know about them.

Furthermore, I am glad to mention that we kept a special focus on the user experience in the new Dashboards. Now, the Dashboards not only look great but also, they make you feel great. I encourage you to try them once you manage some time.

Also, if you have any feedback or feature request, please let us know. You can do the same by clicking here.

We are always listening! Wish you great rest of the year and Happy Dashboarding!

Get the Pulse Newsletter  Sign up for the latest Software Intelligence news Subscribe Now <>
Open source is part of almost every software capability we use today. At the  very least libraries, frameworks or databases that get used in mission critical  IT systems. In some cases entire systems being build on top of open source  foundations. Since we have been benchmarking IT software for years, we thought  we would set our sights on some of the most commonly used open source software  (OSS) projects. Software Intelligence Report <> Papers
In our 29-criteria evaluation of the static application security testing (SAST)  market, we identified the 10 most significant vendors — CAST, CA Veracode,  Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock,  SonarSource, and Synopsys — and researched, analyzed, and scored them. This  report shows how each measures up and helps security professionals make the  right choice. Forrester Wave: Static Application Security Testing, Q4 2017  Analyst Paper
This study by CAST reveals potential reasons for poor software quality that  puts businesses at risk, including clashes with management and little  understanding of system architecture. What Motivates Today’s Top Performing  Developers Survey
Arkapravo Chakraborty
Arkapravo Chakraborty Senior Product Manager
A global product manager, strategic marketing leader, and an IIM Calcutta alumnus, Arka leads the product vision, strategy, and development efforts for CAST Dashboards, Report Generator, and Rest API with the mission to enable the benefits of Software Intelligence for entire Software fraternity. Arka is always keen to explore various software development and management challenges and figure out the ways Software Intelligence can make life better for Software Professionals.
Load more reviews
Thank you for the review! Your review must be approved first
Rating
New code

You've already submitted a review for this item

|