According to Wikipedia, Software Intelligence is defined as: insight into complex software structure produced by software designed to analyze database structure, software framework and source code to better understand and control complex software systems in Information Technology environments. This is a rapidly growing discipline in our industry and includes a number of important metrics about software applications such as Health, Cloud Readiness, and Security.
Software Composition Analysis for managing Open Source Risk
An increasingly important part of the Software Intelligence landscape is Software Composition Analysis (SCA) or measuring the risks of open source when developing software. As we all know, it is extremely rare that organizations are creating 100% original software code when developing applications and there are inherent risks involved when leveraging open source frameworks and 3rd party components to speed up the development process. The two primary risks are: 1.) security vulnerabilities or CVEs (Common Vulnerabilities and Exposures) and 2.) IP licensing risks. Hence, the importance of SCA in today’s IT environment.
Open Source Risk is however only one of the components of the broader Software Intelligence landscape
There are several solutions available on the market that focus explicitly on Software Composition Analysis (Learn how CAST SCA works). However, this is only one part of the overall Software Intelligence landscape. What about measuring the Cloud Readiness of your software when planning for a cloud migration or modernization initiative? How about gaining insight into the Health of your applications when rationalizing a large portfolio of enterprise applications or performing technology due diligence before an M&A transaction? How about understanding the Business Impact of your applications so that you can incorporate the business context into the decision making process? These are all critical questions that can only be answered by a Software Intelligence platform that goes beyond being a point solution focused on one narrow area.
CAST Highlight’s Software Intelligence approach is broader
That is why CAST Highlight is taking a different approach to measuring open source risk and incorporating SCA into the broader picture of Software Intelligence enabling a complete view of your enterprise software portfolio. And, in most cases it is being offered at a fraction of the cost of most solutions that focus on SCA alone.
In the latest release of CAST Highlight, we add several new innovations improving on the ability to gain rapid insights into your software applications and understand open source risk, cloud readiness, and application health to name a few. Continue reading to learn the details…
What's new in CAST Highlight?
Smart Open Source: Detection of transitive dependencies
In this new version, we go a step further in Software Composition Analysis (SCA) by discovering the dependencies of Open Source and third-party components that your applications use, as well as their licenses and possible vulnerabilities. Since these indirect dependencies may also be exposed to CVEs or license compliance issues in the context of your application, they’re also added in the Bill of Materials in a new tab called “Dependencies”.
Smart Open Source: An Azure DevOps extension
Detect possible vulnerabilities, license risks and obsolete Open Source and third-party components at the early stages of your build chain. Highlight’s SCA analytics are now available as an extension of Microsoft Azure DevOps, available from the marketplace. Try it now!
19 new Java code insights for Software Health
We added 19 new code insights contributing to the three health factors (Resiliency, Agility and Elegance) for Java applications. And, we have updated our analyzer enabling even more code insights in future releases.
CloudReady Survey Colors to quickly know where to improve
In the CloudReady results at the application level, we added color-coding in the survey answers to make score interpretation easier and know exactly where to improve such as Cloud maturity of your development team, choosing a database which is natively supported in SaaS, adopting DevOps, etc. The opacity indicates the weight of the item in the overall CloudReady score.
UX improvements on TRENDS and FRAMEWORKS at portfolio level
We took advantage of this new release to improve the user experience, specifically on the TRENDS and FRAMEWORKS dashboards. These pages now load much faster and we made the transition between dashboards easier for a more comfortable navigation.