CAST Imaging consists of different components and products:
- AIP Console package
- AIP Core for Imaging + AIP Node package
- CAST Storage Service / PostgreSQL
- CAST Imaging instance
At a broad level, the workflow above shows onboarding of application source code to CAST AIP through AIP Console. CAST AIP generates application source code metadata by reverse-engineering front-end, middleware, and back-end code. The application data that is generated by CAST AIP is automatically imported into CAST Imaging for investigation purposes:
Click to enlarge
CAST AIP is piloted via the AIP Console - a front end web application that can be installed on Microsoft Windows or Linux and provides services that are required to configure and run AIP analyses remotely on multiple analysis machines. It supports the full AIP analysis process from registering the application, delivering the source code to producing the snapshots and viewing the result in CAST Imaging. AIP Console is designed such that it allows you to:
- Manage multiple "nodes" (i.e. AIP Core analysis engines) to spread the analysis load
- Create Applications
- Deliver source code for analysis
- Configure analyses
- Run analyses/snapshots
- Check logs
- Manage CAST extensions
- Direct access to CAST Imaging to check analysis/snapshot results
Click to enlarge
- AIP Core is the analysis "engine" - a software package installed on Microsoft Windows. It can be installed on one or multiple Windows servers (or "AIP Nodes") and is fully managed by the AIP Console front end web application. This is known as the "CAST AIP setup" in "legacy" terms.
- AIP Node back-end - a software package that provides the communication between the AIP Core analysis engine and the AIP Console front end web application. The AIP Node package must be installed alongside the AIP Core analysis engine, on each server (AIP node) managed by the AIP Console.
Data produced by the AIP Core analysis engine needs to be stored somewhere before it can be "consumed". This requirement is fulfilled by the open-source RDBMS PostgreSQL which CAST AIP is optimized to work with. PostgreSQL has been chosen largely due to its low cost (i.e. free) and fast performance. CAST provides PostgreSQL as a custom Windows installable package known as CAST Storage Service, or it can be installed on all mainstream Linux distributions via the repository system. CAST highly recommends the use of PostgreSQL on a Linux instance as this consistently gives the best performance during analyses.
CAST Imaging - result consumption
Results produced by the AIP Core analysis engine are consumed/exploited for the most part via browser based application called CAST Imaging. This is delivered as a separate standalone package and can be installed on Windows (directly or via Docker) or Linux (via Docker).