Norsk Titanium controls software supply chain risks with open source control tower

CAST Highlight enabled Norsk Titanium to take control of open source risks in just two days and at a fraction of the cost of traditional SCA products.

Challenge

Norsk Titanium’s portfolio of software applications is comprised of tens of thousands of lines of code built with a diverse set of technologies. There development team leverages many third party and open source components to reduce time to market and speed up innovation. However, this introduced software supply chain risks including possible security vulnerabilities and potential legal licensing exposures.

Norsk Titanium’s technology and legal teams needed a way to gain visibility into open source risks across the portfolio without disrupting their developer productivity. They also needed to quickly identify the specific actions required to reduce security risk and legal exposure.

Solution

After the Norsk Titanium IT and legal teams evaluated multiple Software Composition Analysis (SCA) products, they chose CAST Highlight for its rapid deployment, automated recommendations, and high return on investment.

They established an open source ‘control tower’ across their application portfolio by plugging CAST Highlight directly into their source code repositories and automating the application analysis process as part of their software development lifecycle. Automatically generated insights include security vulnerabilities, legal licensing risks, and obsolete components. They use the built-in Portfolio Advisor for Open Source capability to identify priority actions to take across their applications.

Results

Norsk Titanium was able to get CAST Highlight operational across their applications in two days and start realizing immediate value from the automatically generated insights.

In addition to the valuable insights CAST Highlight delivers, it also generates a significantly higher return on investment than competing products as its price point more than 70% lower.