How data visualization makes it easier to manage open source risks and assess application portfolios for cloud migration


It All Starts with Pictures

Many of us started learning using picture books before we started reading as children. The reality is, our brains are still forming images in our minds even when we are reading text as adults. The human mind is designed to process visual information and we process visual information significantly faster than text and numbers.
In fact, according to a study by the University of Minnesota, human brains process visuals 60,000 times faster than they do text. So, it appears a picture is really worth 60,000 words. And, as we have heard many times, 93% of communication is non-verbal (source: Ubiquity). The science behind all of this is rather straightforward. The part of the brain that processes visual information (occipital lobe) works much faster than the part of the brain that processes text and numbers (temporal lobe).

So, when visual information is presented along with other data, both parts of the brain can work in parallel, increasing processing speed (and decision-making) dramatically.

Data, Data Everywhere and Not an Insight to Spare

We are awash in data in every aspect of our lives today, especially in the world of business. Ninety percent of the data in our world today was created in just the last two years alone! And, many of us grew up consuming this data in a world of Excel tables and charts. However, the market for more advanced data visualization is growing fast due to the science described above.
According to IDC, visual data discovery tools will grow 150% faster than the rest of the BI market. And, organizations that adopt advanced data visualization solutions are forecasted to have a significant competitive advantage in their respective industries. Nucleus Research estimates that a business with data visualization capabilities will enjoy an ROI of over 1200% on their investment.

To prove the power of data visualization, let’s perform a very simple experiment. Take out your smartphone and launch a stopwatch app. Then, using the table below, time yourself on how long it takes you to identify how many components in this table have a High license risk:

[Image: Open source risks table]

Now, reset the stopwatch and this time use the image below and time yourself on how long it takes you to identify how many components in this dashboard have a High license risk (represented by red bubbles):

[Image: Open source risks visualization]

This is just a wild guess on my part, but I am going to assume you were much faster the second time even though there were more High risk components to count. Obviously, this is an overly simplistic example, but imagine trying this with hundreds of components!

Making Your Software Intelligence Even Smarter

The business applications for data visualization are limitless, but let’s take a closer look at a couple of examples in the realm of Software Intelligence. CAST Highlight, the leader in Software Intelligence for Application Portfolio Analysis, recently introduced new data visualization dashboards for two of its most common use cases:

1. Assess application portfolio for accelerating cloud migration, and
2. Identify and manage open source risks

Assess application portfolio for cloud migration

In the case of cloud migration, an organization may be developing a roadmap to migrate hundreds or even thousands of applications. Highlight’s current dashboards help segment and prioritize applications for migration. They also help quickly identify the roadblocks to migration within the code of each individual application. But what about understanding the application-to-application dependencies that may impact migration? With the new Application Links dashboard, Highlight provides an interactive data visualization dashboard to quickly understand these inter-app dependencies and make better decisions about the migration strategy. See this article to learn more about this new feature.

[Image: Visualizing application portfolio cloud migration readiness]


Identify & manage open source risks

When it comes to managing open source risks, the number of open source components within a typical business application can be significant. According to IDG, the average enterprise software application contains 73 third-party components. In an enterprise that has several hundred applications in the portfolio, this translates into thousands of components to manage. Imagine trying to sift through a table with 10,000+ rows to spot potential security vulnerabilities, license policy violations, or obsolete components! Although Highlight already provides tabular reports and a Software Bill of Materials exported in Excel, the new OSS Explorer feature adds a data visualization dashboard to help users quickly identify potential risks due to open source software and make much quicker decisions on where to focus remediation efforts. See this article to learn more about the new OSS Explorer in Highlight.

[Image: Visualizing open source risks]

These are just two of the innovations CAST has introduced into Highlight in our latest release. See below for the rest of the new features you can now enjoy in Highlight.




Inter-Application Links

Visualize how applications are interconnected to understand dependencies and impacts to your modernization projects such as cloud migrations. Capture application links via survey questions and analyze dependencies along with other Highlight metrics such as Business Impact and Health.


Open Source Dependency Explorer

With this newest SCA feature, Highlight allows you to navigate your third-party components and transitive dependencies to easily visualize hotspots that put your application at risk, whether the risk is security, license or obsolescence.


Smart Open Source: Merge of FRAMEWORKS and SCA Dashboards

An improved user experience merges the ‘frameworks’ and ‘software composition’ screens into one single view dedicated to open source and third-party components.


Software Health for TypeScript: 60+ new Code Insights

Highlight enhances its technology coverage by adding 50+ code insights for TypeScript, now available for Software Health assessment.


30+ New C/C++ MISRA patterns

Our C/C++ analyzer has been enriched with 30+ new patterns verifying some of MISRA’s programming practices. MISRA is a trusted and well-known standard in the automotive / embedded software market.


Quadrant Labels on Custom Dashboards

You can now define quadrant labels in your custom dashboards. Quickly segment your portfolio and prioritize applications across your portfolio for rationalization and cloud migration projects.


Cloud Requirements at Portfolio Level

Highlight aggregates Cloud blockers and boosters at the portfolio level to help you prioritize and build efficient action plans to migrate your apps.


Keyword Scan Enhancements

The Keyword Scan feature now supports more sophisticated searches by combining strings, file names, path names, and formulas in a more stable syntax. This improves detection of important data patterns such as PII usage in your apps to reduce GDPR or CCPA compliance risk.


Campaign Statistics available through the API

The API now exposes detailed information on campaign content and status that helps track progress and integrate scripts to remind contributors. See the API documentation.

 

Greg Rivera, Vice President
As Vice President of CAST Highlight, Greg leads product strategy for the CAST SaaS platform helping customers and partners accelerate app modernization / cloud migration, rationalize their app portfolios, and reduce open source risk. He has worked with Fortune 1000 companies such as Microsoft, IDG Communications, and Arrow Electronics for over 20 years in technology and media, helping them make successful digital transformations. Greg has a B.S. in Electrical Engineering and an M.S. in Management of Technology and is passionate about applying technology to improve business and our everyday lives.