Vitrana is a global life sciences and healthcare platform, providing SaaS and on-premises deployment solutions.
By leveraging CAST Highlight ‘s software composition analysis capability to gain insights into their portfolio composition, Vitrana is now able to centrally control 15 mission-critical applications, manage their software supply chain’s open-source components and dependencies, and reduce OSS vulnerabilities by over two thirds—all without disrupting developers.
With CAST Highlight acting as our portfolio control tower, we’ve significantly enhanced our ability to detect and mitigate security vulnerabilities in real-time, reaffirming our commitment to delivering secure and compliant solutions to clients. This proactive approach gives us greater control to address potential threats swiftly, builds trust with clients, and provides their customers with greater peace of mind.
fewer OSS security
Vitrana operates in highly regulated life science domains, where adherence to global regulatory authorities is essential; the quality of their software must meet the highest standards, with minimal compliance issues or security vulnerabilities.
Because of how hard it was to manually undertake due diligence on the open-source components in their portfolio (e.g. identify security vulnerabilities, license compliance issues, and outdated versions), the team recognized the need to adopt an automated software composition analysis solution within their software development lifecycle (SDLC) process.
CAST Highlight has produced significant actionable portfolio insights, allowing rapid and meticulous open-source component management. Reports are now generated and distributed to all application owners on a weekly basis while issues are fixed as part of code merge requests in parallel with the development phase itself.
The SDLC process now automatically takes care of compliance, CAST reports are approved before signing off the build for QA, and code quality has improved with better control over the incorporation of open-source software components.
By leveraging CAST Highlight’s software composition analysis (SCA) capability to gain insights into their portfolio composition, Vitrana is now able to centrally control 15 mission-critical applications, manage their software supply chain’s open-source components and dependencies, and reduce OSS vulnerabilities by over two thirds—all without disrupting developers.