Our portfolio analysis product, Highlight, can immediately discover all the common open source frameworks in your application. Our Application Intelligence Platform does the deepest analysis of open source frameworks in the industry. We have an action plan for you to assess your exposure and remediate your hotspots across the enterprise within just weeks.

 
 
Automatically detect over 150+ frameworks and their critical vulnerabilities
 
Automatically detect over 150+ frameworks and their critical vulnerabilities
 
How it Works
 

Step 1 - Distributed and Lightspeed Analysis

 

Send an email to all project leads or application owners, internal and outsourced, with simple instructions on how they can access the CAST Highlight portal. They download a local agent, scan their relevant code stack, and answer a few survey questions online. Simple as pie, and hundreds of project leads can complete the process simultaneously in just 10 minutes.

 
Distributed and Light Speed Analysis
 

Step 2 - Upload Encrypted Results in Private and Secured Cloud

 

All project leads or app owners upload a small encrypted text file containing analysis results to the CAST Highlight portal. This includes a list of framework versions and libraries used in the code, stats about the code, but not the code itself. CAST Highlight is compliant with the highest security regulations and standards. And again, no source code is gathered by this process.

 
 
Upload Encrypted Results in Private and Secured Cloud
 

Step 3 - Enjoy Unprecedented Management Insight

 

CAST Highlight uses answers to the survey to contextualize the source code-based intelligence gathered by the agent, and instantly generates intuitive heat maps, charts, and graphs to support critical planning decisions such as IT budgeting, sourcing strategies, and application portfolio rationalization. The list of open source frameworks and the CVEs associated to them forms an immediate hit list to address from a security standpoint.

 
Enjoy Unprecedented Management Insight
 

Step 4 - Deeper Analysis with our Application Intelligence Platform

 

CAST AIP is the world’s most comprehensive application software analysis engine. AIP reverse-engineers the application model from all the source code components of the application, including the most common frameworks like Struts, Spring and Hibernate. After identifying the applications that have vulnerable frameworks, AIP helps us ensure the framework issue is exploitable, and formulate a remediation plan that takes into account the impact on other application components.

 
 
Deeper Analysis with our Application Intelligence Platform
 
 
Contact us to find out