Product Tutorials & Third-Party Tools

This page lists content and tools that will help you run and leverage CAST Highlight in the best conditions possible. For uncovered topics, don’t hesitate to read our product FAQ or contact our support team.

Must-see resources to get you started

Getting Started Guide

In this documentation, you’ll find all the necessary information that will drive your first steps on the Highlight platform: how to create an application or invite users, how to scan source code, supported technologies, etc.

Highlight Indicators & Methodology

In this slide presentation, you’ll find all the necessary information to understand how Highlight analytics and code insights are built, what they mean and how to interpret them, with concrete examples by technology stack.

Keyword Scanner Guide
This document explains how to use the Keyword Scan feature, the different use cases such as GDPR and how to leverage scan results at both application and portfolio levels.
Custom Indicator Guide
Everything you need to know to create, administrate and consume the custom indicators in CAST Highlight.

Video Tutorials

4620

Introduction (part 1)

Get a quick overview about CAST Highlight. Understand its missions, how it works as well as the use cases it supports.

3636

Analytics Consumption (part 2)

This tutorial walks you through the Analytics Consumption and describes several portfolio insights.

3635

Portfolio Configuration (part 3)

This tutorial demonstrates the main portfolio management capabilities to administrate the platform and the assessment campaigns.

3634

Application Assessment (part 4)

This tutorial assists your first steps as a Contributor and walks you through the application onboarding process.

Other “How To” videos

Highlight tools for DevOps and CI/CD integration

4912

Rest API

Highlight key metrics (e.g. health factor scores, lines of code, total cloud roadblocks, etc.) can be extracted from the platform to be integrated wherever it will make sense for your organization, using our public REST API.

4914

Command Line for Automated Scan

Highlight analyzers can now be run through a configurable command line, in order to automate source code scans and uploads (optionally). Want to get fresh analytics after each sprint or release, or even nightly build? It only takes minutes!

4915

Highlight Extensions & Integrations

Do you want to continuously scan source code and track Highlight analytics from favorite CI/CD tool? Highlight comes with extensions for Azure Devops. More plugins to be added soon…

Product Posts & Tutorials

How to detect apps using Oracle’s JDK 1.8 (and others) at the portfolio level

As you probably already know, Oracle announced a major change of their release and support rules for Java. This article is not meant to explain how that’s going to work now, but long story short you’ll have whether update your JDK very fast, be exposed to unpatched (and perhaps vulnerable) Java versions that runs your […]

The Power is Yours: Custom Indicators

In case you missed it, the CAST Highlight last release notes announced many great new capabilities. We’re proud and excited to include Software Composition Analysis (SCA) as a compelling new feature, which brings a new angle to our Application Portfolio Analysis foundation. In addition to SCA, this release includes another game-changing capability – custom indicators. This blog will cover how to implement and use this great new feature.

How to estimate size and health of high frequency code iterations using the delta analysis feature

The "Application Trends" feature (also known as delta analysis) dramatically increases the value of using Highlight in an Agile context. In a nutshell, Highlight now computes software health scores and metrics of scanned source files based on their status, whether they have been added or modified during the last iteration. This post will explain how [...]

How to configure a Keyword Scan for GDPR (or anything else)

In this product tutorial, we'll see how to configure and take advantage of the Keyword Scan feature to support a GPDR assessment of your application portfolio. The feature can be used to search for any kind of keywords (API secret token or passwords in clear text for instance) but really makes sense in a GPDR [...]

How to run the Highlight Command Line from Apache Ant

Let’s in this article how to clone a repository from Github and run Highlight’s analyzers from Apache Ant, and upload scan results to the portal and quickly get unprecedented software Analytics.

How to integrate Highlight’s Command Line in a Jenkins Pipeline

As the Highlight command line is a real hit across users who want to automate the scan of their code bases, we thought it could be helpful to provide a series of templates and code samples for the different build tools where you would integrate our code scans. The script below illustrates how to integrate the command line within a Jenkins pipeline.

Highlight integrates into your ecosystem using our public API

The recent product release of CAST Highlight introduces our public API to let you share unprecedented Software Analytics and code-level health metrics with the rest of your technology ecosystem as well as automate actions on our platform. In this article we’ll review the API and what kind of new consumption usages it enables for Highlight [...]

Run Highlight code scans into your CI/CD environments

The concept of a scriptable command line is one of the pillars of Devops and the benefit of automation has made tasks like Cloud deployment, environment provisioning, database backup and software build more reliable and a huge time saver for developers. As many Devops heads say “throw away any piece of software you couldn’t run automatically”. Needless to say that a command line has now become a must-have in Highlight to continuously scan code and build software analytics.

Highlight Tutorial: Code Scan with the Local Agent

This tutorial demonstrates your first steps with CAST Highlight as a Contributor: How to activate your account How to download/install the Local Agent How to configure & scan your applications How to upload results to the platform How to access & answer the survey as an Application Owner  

Highlight Tutorial: First steps to manage your application portfolio

This tutorial demonstrates your first steps in the Highlight platform as a Portfolio Manager: How to activate your account How to create and manage domains to structure your portfolio How to invite/enroll users to the platform How to create an application How to attach applications and users to domains How to launch your first scan campaign […]

Third-Party Tools – Code & Database Extractors

Mainframe COBOL Program Splitter

In order to scan your Mainframe applications with CAST Highlight, you’ll have to split them into COBOL programs. To do so, you can use this tool to automatically extract and split your PDS files into programs.

Database Code Extractor

This tool will help you extract code (stored procedures) from your database to scan it with Highlight’s Local Agent. This tool works with Oracle PL/SQL and Microsoft T-SQL databases.

SAP Abap Code Extractor

In order to scan your SAP systems with CAST Highlight, you’ll have to extract the customized code. Download this tool to automatically extract and prepare your ABAP code to be scanned with the Local Agent.