CAST Flashcards
What is software intelligence?
Analyses database structures, code components, interdependencies etc
What are the 3 cast softwares?
Cast highlight - rapid portfolio analysis (overview of many applications)
Cast AIP- deep application analysis (for specific applications)
cast imaging - architecture visualizing and blueprinting
What are the core capabilities of CAST Highlight?
A SaaS solution with:
Software health - resiliency and agility
Cloud Readiness - blockers/boosters
Software Composition - Open source vulnerabilities and IP risks
Private Data detection - detects sensitive data manipulation
What are the use cases for CAST highlight?
Application Rationalization: Application rationalization is a process of going over the application inventory to determine which applications should be retired, retained, reposted, replatformed, refactored or reimagined.
Cloud Migration: detects code blockers/boosters, lays out migration roadmap, prioritizes apps based on cloud readiness and business impact. Recommends services to use from cloud providers and identifies whether solution should be IaaS, PaaS or SaaS
Open Source Risk Management: Risk from third party components (legal/licensing, abandonware/component requiring updates and security risks)
Technology Due Diligence: compliance with sensitive data usage, inventory of technology stack, advice on reducing technical debt
What are the primary inputs for CAST?
Code scans + qualitative surveys
What are the 3 components of the software health dashboard?
Resiliency - likelihood of errors in production based on coding industry standards
Agility - ease of upgrading/maintaining
Elegance - measure of complexity
What are the 3 components of the open source dashboard?
Security/Vulnerability risks
IP licensing risks
age/obscelence risks
What are the 4 portfolio level views under software composition analysis?
Open source safety: graph where the vertical axis has business impact from qualitative surveys and horizontal axis is open source safety (from vunerability, license and obscelence)
Components; third party components, at an individual level can identify transitive dependency threats, also includes info such as component repositories, last used release distribution and number of component versions
Vulnerabilities: Vunerabilities across the entire portfolio based on critical, high, medium and low severity
Licenses: Heat map and information on open source licenses used by different components in applications in the portfolio
What are the export formats under software composition?
Excel and Powerpoint
What are the 4 portfolio level views under Cloud Readiness?
Decision Matrix: visual representation for applications where y axis is business criticality and x axis is how clead ready an application is.
Health Factors: Cloud readiness is y axis and software resiliency is on the x axis, but all health factors (resiliency, agility, elegance are shown on an app when hovered over)
Cloud Requirements: Aggregate summary of boosters and blockers
Application links dashboard: Visualization of app to app dependencies (via http connection, API connection, FTP connection, SOAP connection etc)
How can blockers be exported?
Powerpoint, Excel, JIRA
What cloud platforms are their recommendations for?
Azure,AWS
What are the 4 smart segments in the CloudReady dashboard?
Quick wins: Low BI and high cloud readiness
Core Cloud: High business impact and high cloud readiness, associated with refactoring effort
Long Term Bets: High business impact, lower cloud readiness. Good candidates for IaaS and then moving to PaaS later
Pursue later: Low BI low cloud readiness, candidates for consolidation/retiring.
What is a domain?
Conceptual grouping of applications based on user defined charactersitics (i.e. department, geography)
Can add sub domains under main domains
How to configure domains?
go to manage portfolio -> users and apps -> add under total domains
same steps for adding sub domains
