CAST Highlight subscribers can now install and use a new browser extension that allows them to see the legal and security exposures associated with a particular open source component as they attempt to download it from the internet.
The ubiquitous use of open source components in custom-built applications creates intellectual property and security risks for business owners and corporate legal teams. CAST Highlight provides an effective, fast-rollout alternative or complement to traditional Software Composition Analysis (SCA) products for controlling the risks inherent in open source software across entire application portfolios.
SCA Browser Extension
The new CAST Highlight SCA browser extension for Chrome enables users to tap into CAST’s knowledgebase of over 100 million open source components and view insights in real time while browsing for specific components across the internet. The extension shows details such as licensing requirements, security vulnerabilities, and technology obsolescence directly in the browser window for the component on the current page. It also identifies if the component belongs to the “Allow” or “Deny” list as specified by the user’s organizational policy. Users can now make smarter decisions about the use of specific open source components before downloading them from the internet. The new SCA browser extension is available for all CAST Highlight subscribers.
CAST provides insight into the structural condition of software assets. According to CAST Software Inc., CAST technology is an accurate “MRI for Software”, which delivers actionable insights into software composition, architectures, database structures, critical flaws, quality grades, cloud readiness levels, and work effort metrics. It is used globally by thousands of forward-looking digital leaders to make objective decisions, accelerate modernization, and raise the security and resiliency of mission-critical software.