Plugs directly into source code repositories and automatically aggregates the results of the analysis across all applications into intuitive dashboards - the “control tower”, allowing legal, security, and operations experts to make informed decisions engaging developers only when needed.
Automatically prioritizes actions for the most severe licensing and security risks, based on the business impact of each application. Guides legal, security, and software experts on which alternative components are safer to use within the context of their application portfolio.
Uses CAST’s exclusive “MRI for Software” to automatically analyze the source code of most popular open-source components that are constantly changing, enabling organizations to intercept emerging vulnerabilities (open source CWEs) months before traditional SCA products can.
Annual subscription from $20,000 to $240,000 for 25 to 1000 applications, regardless of number of developers. This enterprise-wide view approach allows CAST to bring open-source risks control to the market at a much lower cost than traditional SCA products.
Learn how Broadridge Financial Solutions stood up effective SCA across its entire application portfolio in less than a month, with automatic advice on:
Without breaking the bank or down slowing developers.
Customizable surveys enable more contextualized analysis by enhancing technical code analysis insights with qualitative data.
Out of the Box Integrations
Turnkey extensions are available for GitHub, BitBucket, Azure DevOps and Jira to automate code scanning and automatically create tickets based on software intelligence.
Standard Format Exports
Export results in PowerPoint, Excel, and XML for local analysis or integration into other tools.
Public Rest API
Key metrics can be extracted and integrated with other systems such as EA, APM, or PPM tools, using the public REST API.
This sample OSS risk assessment was generated by CAST Highlight, deployed as an open source ‘Control Tower’ and analyzing the source code of 20 applications.
The assessment highlights License, IP, and Security risks for each application, and provides specific recommendations on actions to address the exposures.
CAST is the pioneer and category leader in Software Intelligence, providing insight into the structural condition of software assets. CAST technology is renowned as the most accurate “MRI for Software”, which delivers actionable insights into software composition, architectures, database structures, critical flaws, quality grades, cloud readiness levels and work effort metrics. It is used globally by thousands of forward-looking digital leaders to make objective decisions, accelerate modernization, and raise the security and resiliency of mission critical software.