CAST Highlight, a software intelligence product, plugs directly into source code repositories and analyzes applications in minutes, without disrupting developers. It performs Software Composition Analysis (SCA) of an application portfolio and automatically creates a full inventory of the third-party and open source components used within the codebase, including license versions. It highlights licensing exposures and security vulnerabilities, and provides recommendations on the most critical remediations required. The SBOMs can be viewed and exported in Excel, Word, PPT, and CycloneDX.
Organizations often need to consume an existing SBOM received from an external source such as a software vendor. CAST Highlight also automatically reads an imported SBOM in CycloneDX format and generates all of the same SCA insights even if the application is not directly analyzed by CAST Highlight.
CAST Highlight enabled us to assess OSS risks across all our applications in minutes versus hundreds of hours.
VP, Open Source Governance
We've tried alternatives. We recommend CAST Highlight due to its speed and lower cost.