The Overview with Fast Scan panel is part of the onboarding workflow introduced in 2.3.1. It will only be populated when this onboarding workflow is enabled and used - see Administration Center - Settings - Application Onboarding. See also Workflow - Application onboarding with Fast Scan.

Introduction

The panel contains the results of the fast scan phase/deep analysis for a newly onboarded application when using the onboarding with Fast Scan workflow (see Administration Center - Settings - Application Onboarding for information about how to enable it). The process of delivering application source code is exactly as in the legacy onboarding workflow (either via a ZIP archive file or via a designated source code folder on disk) however, the onboarding with Fast Scan process is not a "quick" one-shot onboarding (upload source code, analysis, snapshot, publishing in one go): instead, source code is delivered and then Console will perform the initial "fast-scan" phase to determine the application's technologies/languages/frameworks etc.

When the fast scan phase is complete, users are directed automatically to this Overview with Fast Scan panel where the delivered source code can be inspected (size, structure etc.) for completeness, source code filters (exclusions) can be defined and any "additional options" such as automatic extension installation, activation of Security Dataflow analysis etc. can be activated. Following that, an analysis and publishing to CAST Imaging or Dashboards (i.e. generating a snapshot) can be launched. When an analysis and upload to CAST Imaging/Dashboards has been completed, this Overview panel remains available and additional information will be presented about the deep analysis results.

The main goal of this panel is to encourage source code to be inspected before it is sent for deep analysis to ensure that the correct source code has been delivered and any unwanted code can be excluded.

Access

To access the panel manually, move to the Console screen if you are not already there:

Find the application that has been onboarded using the Onboarding with Fast Scan workflow and click it:

Overview panel

Click to enlarge

See the following child pages for an explanation of each section in the panel:

Technical aspects

The information provided in this panel is generated by internal tools as follows:

  • ≥ 2.10The CAST Profiler (https://profiler.castsoftware.io/) engine is used - this aligns CAST Console with CAST Profiler and brings improved scanning performance over the Framework Detector. Note that CAST Profiler will be silently and automatically updated whenever a new release of CAST Profiler is published. This is achieved as follows:  a check for updates will occur roughly 1 minute after the Node service has been (re-)started, then every 24hrs. In addition, a check is made each time the  "SAVE" button is pressed in Administration Center - Settings - CAST Extend  (whether a field has been changed or not).
  • ≤ 2.9: The Framework Detector is used.