CRASH Report 2017 Trend On Application Security
Each tile can be moved or resized on your homepage. Favorite tiles are another type of tile that can be added to the homepage when you drill down into the quality model. These tiles can be removed by clicking the top-right icon.
This icon activates/deactivates data filtering on Critical Violations. By default, the dashboard only shows information about Critical Violations, rather than showing data for ALL violations - this allows you to instantly see the most important flaws in the analyzed application.
With continuous usage of CAST, you are able to see both Added and Removed violations based on different technical criteria.
Both Technical Criteria and their associated Quality Rules are weighted to help prioritize the most impactful violations to select for remediation.
Names of the objects that contain the selected violation. From this list, an object can be added to the Action Plan and flagged for remediation.
The Propagated Risk Index (PRI) is a measurement of the riskiest objects of the application in terms of security. The PRI formula takes into account the intrinsic risk of the component with regard to the security health factor, coupled with the level of use of the given object in the application. PRI finds objects that threaten the application usage. It helps you determine which objects to remediate to remove the most risk.
Snippets of source code are displayed to the user, with the violation areas highlighted. If necessary, the user is presented with a Show More button to display additional code, or can use the View File option to view the entire source code file.
Establish action plans to remediate violations based on priority. The action plan data can be viewed in the dashboard, exported to Excel, or automatically synced with tracking software like Jira.
Review architecture design, security hotspots, non-secure transactions - project impact on the threat model before coding
Detect, measure and enforce engineers' adherence to custom and standard architectural rules
Focus on the security vulnerabilities that are contextual, critical and relevant, and filter out the rest
Calibrated quality model that scores application security in a reliable, consistent way that can be measured and benchmarked
Identify objects with security flaws in the dev pipeline
Gain insight into why specific defects are occurring and guidelines for fast remediation
Create action plans based on a prioritized list of high impact issues
Identify structural and architectural defects and blockers in your riskiest objects and transactions
Get clear direction on flaw remediation
Drill-down to identify specific code location of critical flaws
Validate against industry standard rules
Information Assurance is more than Security. We found that the foundation of secure software is quality software. Software Assurance is 5 parts Structural Quality with 2 parts Software Security.
U.S. Military Health System
CAST has shined a light into the black box of our applications.
Dr. Ray Russo
Head of Enterprise IT
CAST helps me keep homeowners safe and sound.
CAST Named a Strong Performer and received top score for "Accuracy" of findings.
Copyright 2018 - CAST | All Rights Reserved