CAST HIGHLIGHT - SCA - How to verify if any file is open source and has SCA results?

In Highlight there is a way to determine if a file is open source or not and if there is a SCA result associated with it. 


In the MANAGE PORTFOLIO > MANAGE COMPONENT CATALOG>COMPONENT CATALOG tab browse and select the file from your system. CAST Highlight will automatically display the component corresponding to the fingerprint you submitted.


This search method is probably the most accurate as it relies on the unique fingerprinting mechanism of third-party artifacts. CAST Highlight currently references 8+ billion unique fingerprints.

For more details please refer

Feature Focus: Preventing the Use of Risky OSS Components Across the Enterprise

Feature Focus: How to manage third-party components and vulnerabilities in SCA results  

CAST HIGHLIGHT - SCA - How to exclude a third party component

How Open Source component detection works




Have more questions? Submit a request


Powered by Zendesk