CAST HIGHLIGHT - SCA - How to verify if any file is open source and has SCA results?

In Highlight there is a way to determine if a file is open source or not and if there is a SCA result associated with it. 

Details

In the MANAGE PORTFOLIO > MANAGE COMPONENT CATALOG>COMPONENT CATALOG tab browse and select the file from your system. CAST Highlight will automatically display the component corresponding to the fingerprint you submitted.

component_1.JPG

This search method is probably the most accurate as it relies on the unique fingerprinting mechanism of third-party artifacts. CAST Highlight currently references 8+ billion unique fingerprints.

For more details please refer

Feature Focus: Preventing the Use of Risky OSS Components Across the Enterprise

Feature Focus: How to manage third-party components and vulnerabilities in SCA results  

CAST HIGHLIGHT - SCA - How to exclude a third party component

How Open Source component detection works

Ticket

26828

 

Have more questions? Submit a request

Comments

Powered by Zendesk