Product Documentation & Resources
Feature & Metric Documentation
Cloud Maturity features documentation
- Technology Coverage
- List of Cloud Maturity patterns
- Multi-Cloud Insights
- Portfolio Advisor for Cloud
- Cloud Containerization Insights
- Cloud Service Recommendations
- List of Service Recommendations by Cloud Platform
- Cloud Maturity Effort Estimate
- Cloud Maturity Blocker Exclusions
- Cloud Maturity Application Advisor
- NEW Custom Cloud Service Recommendations
- NEW Cloud Migration Wave Advisor
Software Composition features documentation
- Technology Coverage
- Supported Package Managers
- Portfolio Advisor for Open Source
- Open Source Safety definition
- Good practices when defining the scope of a code scan
- OSS License Detection
- OSS Component Detection
- OSS Dependency Explorer
- Transitive Dependencies
- Vulnerability (CVE) Status and Exclusions
- Allowed/Denied Component List Management
- SCA Component Search
- Feature Focus: Open Source License Rulebooks
- How to automatically generate a License Risk Profile based on license rulebooks
- Automated Email Notifications of New Component Vulnerabilities
- CAST’s OSSIDB (CWE Knowledge Base)
- Changes in default License Risk Profile
- Component License Compatibility
- Safe Component Version Recommender
- Advanced Snapshot Comparison
- NEW Proprietary Component Governance
- NEW SBOM Import
- NEW OSS Component Lifespan Insights
- NEW CISA’s Known Exploited Vulnerability Insights
Green Impact features documentation
- Technology Coverage
- List of Green Deficiencies
- Feature Focus: Green Impact score calculation
- Feature Focus: Green Effort Estimate
Software Health feature & metric documentation
- Technology Coverage
- Software Health
- Software Resiliency
- Software Agility
- Software Elegance
- Technical Debt Estimates
- Portfolio Advisor for Technical Debt
- ROAR Index
- Software Maintenance Estimates
- Back-Fired Function Points (BFP)
- Trends: Added/Modified Software Health scores
- Lines of code
- Re-calculate Software Health scores based on folder exclusions
Keyword Scanner documentation
- General Documentation
- Getting Started Guide (PDF)
- Sample Configuration Files (ZIP)
- Tutorial: Detect use of Oracle’s JDK 1.8 in applications
Custom Indicator documentation
- Custom Indicators
- Custom Indicators Methodology (PDF)
- How to build Custom Indicators through the API
Other Features
- NEW AI Advisor
- Personalized User Home Pages
- Continuous Improvement Tracker
- Portfolio Advisor for Software Maintenance
- Custom Dashboards
- Application Links
- Data Retention Policy and Notifications
- Audit Logs
- Scan & Survey Campaign Best Practices
- Language Localization in Dashboards
- Application Tags
- Custom Portfolio Segmentation
- Application Discussion Threads
- Delete Application Snapshots in Bulk
- Portfolio Management Optimization
Tool & Automation Documentation
Command Line documentation
- Download & General documentation
- How to retrieve your company identifier (companyId)
- User Token Management for the Command Line
- Tutorial: How to integrate the Command Line in a Jenkins Pipeline
- Tutorial: How to scan a Git repo with the Command Line (using Apache Ant)
- How to use Command Line’s .properties file
- NEW Scanning Docker Images
API documentation
- General API documentation (Swagger)
- CAST Highlight’s API integration examples
- Tutorial: How to build custom indicators using JIRA metrics and the CAST Highlight API
Docker-Based Scan documentation
- General Docker-based Scans documentation
- Tutorial: How to run our Docker scan image from Azure DevOps pipelines
Excel Bulk Importer
Extensions/Plugins
Microsoft Azure DevOps
Atlassian
Github
- How to use Github Actions to scan your repositories with CAST Highlight
- Download CAST Highlight action from Github Actions marketplace