On this page:
|Summary: this page describes the new features and bugs that have been fixed in the CAST Dashboard Package 1.12.0.|
|Version||Summary of content||Comments|
Can be used with:
|Note that starting from release 1.8.0, the CAST Security Dashboard related WAR files are no longer provided.|
|Internal ID||Ticket ID||Summary||Affects Version/s|
Source code editor pops up showing the old(another) QR details after performing a show all option for a different QR in the violation editor page
Administration option is not available when logged in as Admin in health dashboard.
Unable to generate 'Top rules with highest improvement opportunities' due to java.lang.NullPointerException from rest api - improve
Health Dashboard : During Cache reload, no warning message displayed
Updates - All Dashboards
CAST AIP Datamart
Introducing AIP Datamart (Beta) - a new way to expose, explore, and integrate AIP data for management reporting, with the following notable features:
- Robust and flexible Data structure that contains almost all key AIP metrics.
- A robust ETL mechanism for faster deployment and less effort to maintain.
- A new set of API services with streaming mode for faster extraction.
- Easier integration with off-the-shelf BI tools.
- Flexibility for users to select data that are relevant for the customers.
- Ability to integrate with external customer data.
- Ability to create derived metrics that aligns with customer business practice.
- Flexibility to customize the data structure that fulfils client reporting needs.
- Support for custom rule groupings.
- Support for various Industry Standard Tags.
See https://github.com/CAST-Extend/com.castsoftware.uc.aip.datamart for more information.
|The current version is a BETA. We intend to include more features in it. We strongly encourage you to try this version at your end and provide us with your valuable feedback.|
Updates - Engineering Dashboard
DASHBOARDS-1374 - Application Investigation view changes for Impacted Transactions
A new section has been added to the Application Investigation view that lists all impacted transactions for a given object (i.e. all the transactions that the selected object is participating in):
Click to enlarge
This view will only function when the following Health Measure filters are active:
The section displays:
- Transaction Name
- Risk Level (i.e. the Transaction Risk Index (TRI) value)
- An icon to provide access to the Transaction Investigation view
DASHBOARDS-1511/1510 - Transaction Investigation view redesigned
The Transaction Investigation view has been redesigned as follows:
- Selecting a Transaction in the left hand panel will instantly display two sections in the right hand panel showing (the intermediate screens shown in previous Dashboard releases such as Health Measure, Business Criterion, Technical Criterion have been removed):
- the list of rules violated by the selected transaction
- the list of impacted objects for a selected transaction (i.e. all objects that participate in the selected transaction) that are violating at list one rule:
Click to enlarge
DASHBOARDS-1465 - Parameter details available for Distribution metrics
For Distribution metrics such as Sizing, Coupling, SQL Complexity, Cyclomatic Comoplexity etc. it is now possible to see detailed information about each Parameter that contributes to the Distribution metric. For a given Distribution in each snapshot, the contributing Parameters are listed, together with the type of technology involved (Object Type Involved) and the number of objects (Parameter Value) classed in that parameter. See also CAST Dashboard Package - Engineering Dashboard - Risk Investigation.
DASHBOARDS-1310 - Predefined Industry Compliance reports
The predefined Industry Compliance reports available in the Report Generation feature have been updated as follows. All reports not listed have not changed.
New in 1.12.0
The following reports are new in 1.12.0:
NIST-SP800-53R4 Compliance Report
STIG V4R8 Standards Compliance Report
STIG V4R8 Standards Detailed Report
Renamed in 1.12.0
The following reports have been renamed:
|Previous name||Name in 1.12.0|
|CISQ Top 22 Summary Report|
CISQ Security Compliance Report
|CWE Top 25 Summary Report|
CWE Compliance Report
|OWASP 2017 Summary Report|
OWASP 2017 Compliance Report
|OWASP 2013 Summary Report||OWASP 2013 Compliance Report|
DASHBOARDS-1464/1506 - New Miscellaneous Report for Top Cyclomatic Complexity changes
A new predefined Miscellaneous Report (available in the Report Generation feature) has been added to provide information about the objects that have the highest Cyclomatic Complexity changes in comparison to the previous snapshot. The report is not available when only one snapshot exists.
Click to enlarge
You can click the icon highlighted in the right hand column to view to view specific information about the object in the Application Investigation view:
DASHBOARDS-1447 - Action Plan filtering improvements
It is now possible to use a filter on most columns in the Action Plan:
In addition the behaviour of the search box has been changed - you can now search on the Object Name Location field - i.e. you can search for specific violations (based on the object name location field):
Server Cache reloading
While the server reloads from cache there will be a message in the login page stating "Server Cache is refreshing. Please wait...". If the user is already logged in, a pop-up will block user activity until the server has completed the cache refresh:
Click to enlarge