The Open Source License Rulebook capability of CAST Highlight, the Software Composition Analysis (SCA) product for controlling open source software risks across whole application portfolios, is now available directly in the user interface. When companies utilise open source components in their proprietary software, they usually come with a licence that outlines how the software can be used lawfully. However, until now, the legal requirements of these licences have been complex and perplexing for those unfamiliar with intellectual property rules.
The new CAST Highlight Open Source License Rulebook automatically deciphers the frequently complex wording of an open source component licence and boils it down into simple legal criteria like:
- What the licence lets you do
- What the licence doesn’t let you do
- What the component’s users must do
Other new features in the newest CAST Highlight version include auto-generated Software Bill of Materials exports in the CycloneDX format, copyright notice reporting for open source components, and automated email notifications for emerging security vulnerabilities, among others.
CAST technology can look inside custom applications with MRI-like precision, generating intelligence about their inner workings – composition, architecture, transaction flows, cloud readiness, structural defects, legal and security threats – automatically. It’s becoming critical for cloud modernisation, increasing Software Engineering speed and efficiency, better open source risk control, and accurate technical due diligence.