Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

OptionDefault settingsDescription
Global risk assessmentActive

This option focuses on risk assessments by adding additional structural rules to the analysis. Selecting this option will currently install the following extensions (in addition to any that are discovered, set to force install or those that are automatically active / shipped extensions):

Security assessmentInactive

This option focuses on user input security assessments for JEE/NET technologies. Selecting this option will currently:

Functional points measurementActive

This option focuses on function points measurement. Selecting this option will currently install the following extensions (in addition to any that are discovered, set to force install or those that are automatically active / shipped extensions):

Info

If you are using a CAST global license that does not include EFP, then this option will not produce any results.


Blueprint designInactive

This option focuses on architecture identification and links between layersSelecting this option will currently install the following extensions (in addition to any that are discovered, set to force install or those that are automatically active / shipped extensions):

Data safety investigationInactive

This option focuses on flow of data identification and will deliver associated resultsSelecting this option will currently install the following extensions (in addition to any that are discovered, set to force install or those that are automatically active / shipped extensions):

GDPR / PCI DSS

Note

Two additional options are available (in AIP Console ≥ 1.26) specifically enabling a check of a set of predefined sensitive key words related to GDPR (General Data Protection Regulation) and/or PCI-DSS (Payment Card Industry Data Security Standards) data:

 

These options are ONLY currently taken into account for Mainframe technolgies (analyzed via the com.castsoftware.mainframe and SQL technologies (analyzed via the com.castsoftware.sqlanalyzer extension). Each option corresponds to one .datasensitive file located in the following location on the AIP Node:

Code Block
%PROGRAMDATA%/CAST/AipConsole/AipNode/datasafetychecks

In other words, enabling the GDPR option (for example) will force the check using the keywords defined in GDPR_Keywords.datasensitive. When the analysis runs, the predefined .datasensitive file corresponding to the chosen option is sent to the LISA folder (LISA/{appGuid}/DataSafety) and any key words defined in them will be checked. If any key words are found in the source code a flag will be added in the analysis results on the object in question. This can be seen as below:

Click to enlarge

Click to enlarge

...