AWS Security ChangesHomeSearch

AWS prescriptive-guidance documentation change

Service: prescriptive-guidance · 2026-06-25 · Documentation low

File: prescriptive-guidance/latest/migration-tools/discovery-cast-highlight.md

Summary

Updated CAST Highlight documentation with formatting improvements and content reorganization. Changed product overview to include planning/recommendation capabilities, simplified table structure, and consolidated capability descriptions.

Security assessment

Changes are primarily formatting and organizational improvements without introducing new security content. Existing security-related capabilities (open source compliance analysis) were already documented and remain unchanged. No evidence of vulnerability fixes or security incident documentation.

Diff

diff --git a/prescriptive-guidance/latest/migration-tools/discovery-cast-highlight.md b/prescriptive-guidance/latest/migration-tools/discovery-cast-highlight.md
index 4d9feca26..13d2f4b7d 100644
--- a//prescriptive-guidance/latest/migration-tools/discovery-cast-highlight.md
+++ b//prescriptive-guidance/latest/migration-tools/discovery-cast-highlight.md
@@ -7 +7 @@
-Product overviewDiscovery capabilities
+Product overviewDiscovery, planning, and recommendation capabilities
@@ -13 +13 @@ Product overviewDiscovery capabilities
-###### Notice
+###### Note
@@ -21,20 +21,5 @@ Category | Product capabilities
-  
-**Product website**
-    
-| [CAST Highlight](https://www.castsoftware.com/highlight/)  
-  
-**Product certifications**
-    [AWS Competency Program](https://aws.amazon.com/partners/offerings/) competencies and other certifications
-| AWS Migration and Modernization – Discovery, Planning, and Recommendation  
-  
-**AWS Marketplace**
-    Link to subscribe or download
-| [CAST Highlight on AWS Marketplace](https://aws.amazon.com/marketplace/pp/prodview-rjrikuvzqawl6)  
-  
-**Tool deployment model**
-    Product can be SaaS-based or customer-deployed
-| SaaS-based   
-  
-**Compliance**
-    
-| 
+**Product website** | [CAST Highlight](https://www.castsoftware.com/highlight/)  
+**Product certifications**[ AWS Competency Program](https://aws.amazon.com/partners/offerings/) competencies and other certifications | AWS Migration and Modernization – Discovery, Planning, and Recommendation  
+**AWS Marketplace** Link to subscribe or download | [CAST Highlight on AWS Marketplace](https://aws.amazon.com/marketplace/pp/prodview-rjrikuvzqawl6)  
+**Tool deployment model** Product can be SaaS-based or customer-deployed | SaaS-based  
+**Compliance** | 
@@ -46,4 +31 @@ Category | Product capabilities
-  
-**Service model**
-    
-| 
+**Service model** | 
@@ -56,4 +38 @@ Category | Product capabilities
-  
-**Pricing model**
-    
-| Subscription  
+**Pricing model** | Subscription  
@@ -65,3 +44 @@ Category | Product capabilities
-  
-**Discovery method**
-     The ability to support one or more of the following discovery methods:
+**Discovery method** The ability to support one or more of the following discovery methods:
@@ -75,23 +51,6 @@ Category | Product capabilities
-  
-**Resources discoverable**
-    The ability to discover servers, databases, storage systems, network devices, software processes, containers, and mainframes
-|  Not available  
-  
-**Operating systems discoverable**
-    
-|  Not available  
-  
-**Other resources discoverable**
-    
-| CAST Highlight scans application source code and discovers a broad scope of insights such as cloud maturity, cloud blockers for migration and modernization (from customer premises to AWS, from other cloud to AWS, for on AWS modernization), containerization blockers, three types of open source risks, green software insights, and more.  
-  
-**Discovery of resource profiles**
-    The ability to discover the CPU family (such as x86 or RISC/PowerPC), number of CPU cores, memory size, number of disks, storage size, IOPS, network interfaces, or bandwidth
-|  Not available  
-  
-**Resource utilization data collection**
-    The ability to collect time-series utilization data, such peak, average, median, standard deviation, IOPS, throughput, percentile with sampling interval of 5 minutes, and minimum sampling duration of 1 month
-|  Not available  
-  
-**Application dependency level**
-     The ability to discover application dependency and export dependency data:
+**Resources discoverable** The ability to discover servers, databases, storage systems, network devices, software processes, containers, and mainframes | Not available  
+**Operating systems discoverable** | Not available  
+**Other resources discoverable** | CAST Highlight scans application source code and discovers a broad scope of insights such as cloud maturity, cloud blockers for migration and modernization (from customer premises to AWS, from other cloud to AWS, for on AWS modernization), containerization blockers, three types of open source risks, green software insights, and more.  
+**Discovery of resource profiles** The ability to discover the CPU family (such as x86 or RISC/PowerPC), number of CPU cores, memory size, number of disks, storage size, IOPS, network interfaces, or bandwidth | Not available  
+**Resource utilization data collection** The ability to collect time-series utilization data, such peak, average, median, standard deviation, IOPS, throughput, percentile with sampling interval of 5 minutes, and minimum sampling duration of 1 month | Not available  
+**Application dependency level** The ability to discover application dependency and export dependency data:
@@ -105,3 +63 @@ Category | Product capabilities
-  
-**Visualization level**
-     The ability to provide multiple-level visualization of applications:
+**Visualization level** The ability to provide multiple-level visualization of applications:
@@ -121,47 +76,12 @@ Category | Product capabilities
-  
-**Database details discovery, source database system**
-    
-|  Not available  
-  
-**Storage details discovery**
-    The ability to discover storage details, such as systems, types, capacity, configuration, utilization, and object metadata
-|  Not available  
-  
-**Storage systems discoverable**
-    The ability to discovery storage systems, such as EMC Isilon, EMC VMAX, Hitachi Vantara, HPE 3PAR, and Pure Storage
-|  Not available  
-  
-**File system details discovery**
-    
-|  Not available  
-  
-**Software details discovery, programming languages**
-    
-| 50+ languages, including C#, C++, Closure, COBOL, Go, Java, JavaScript, Kotlin, PHP, Python, Ruby, Scala, Swift, TypeScript, VB.NET. See [Technology Coverage](https://doc.casthighlight.com/#technologycoverage).  
-  
-**Software details discovery, frameworks or libraries**
-    
-| All the libraries and frameworks used by applications: defined in dependency files or through copy and pasting of public source code in public repositories  
-  
-**Software details discovery, ISV products**
-    The ability to discover independent software vendor (ISV) products, such as Splunk Enterprise or F5 BIG-IP Virtual Edition
-| Detection of proprietary or private components listed in dependency files  
-  
-**Container details discovery**
-    
-|  Not available  
-  
-**License discovery**
-    
-|  Not available  
-  
-**Data sovereignty support**
-    The ability to keep discovered data within a specific geographic region
-|  Available  
-  
-**Data export ability**
-    The ability to export the discovered data into a usable format, such as CSV or JSON
-|  Available  
-  
-**Code analysis**
-     The ability to support static and dynamic code analysis, optionally identifying:
+**Database details discovery, source database system** | Not available  
+**Storage details discovery** The ability to discover storage details, such as systems, types, capacity, configuration, utilization, and object metadata | Not available  
+**Storage systems discoverable** The ability to discovery storage systems, such as EMC Isilon, EMC VMAX, Hitachi Vantara, HPE 3PAR, and Pure Storage | Not available  
+**File system details discovery** | Not available  
+**Software details discovery, programming languages** | 50+ languages, including C#, C++, Closure, COBOL, Go, Java, JavaScript, Kotlin, PHP, Python, Ruby, Scala, Swift, TypeScript, VB.NET. See [Technology Coverage](https://doc.casthighlight.com/#technologycoverage).  
+**Software details discovery, frameworks or libraries** | All the libraries and frameworks used by applications: defined in dependency files or through copy and pasting of public source code in public repositories  
+**Software details discovery, ISV products** The ability to discover independent software vendor (ISV) products, such as Splunk Enterprise or F5 BIG-IP Virtual Edition | Detection of proprietary or private components listed in dependency files  
+**Container details discovery** | Not available  
+**License discovery** | Not available  
+**Data sovereignty support** The ability to keep discovered data within a specific geographic region | Available  
+**Data export ability** The ability to export the discovered data into a usable format, such as CSV or JSON | Available  
+**Code analysis** The ability to support static and dynamic code analysis, optionally identifying:
@@ -181,60 +100,15 @@ Category | Product capabilities
-  
-**Pipeline integration**
-    The ability to integrate with CI/CD pipelines for continuous code analysis
-|  Available  
-  
-**Service discovery, mapping**
-    The ability to automate service discovery mapping, which identifies the underlying services, dependencies, and communication patterns (including to external resources, such as SaaS providers)
-|  Available  
-  
-**Service discovery, recommendations**
-    The ability to suggest optimizations for discovered services
-| Partial: to a certain level of detail (for example, only on API calls)  
-  
-**Monolith decomposition, identification**
-    The ability to identify candidate microservices, given classes, objects, functions, and stored procedures
-|  Not available  
-  
-**Monolith decomposition, impact analysis**
-    The ability to analyze the impact of the decomposition process
-|  Not available  
-  
-**Open source compliance analysis, identification**
-    The ability to identify non-compliant open source solutions within an application
-|  Available  
-  
-**Open source compliance analysis, recommendations**
-    The ability to suggest compliant alternatives or remediation steps
-|  Available  
-  
-**Framework migration, standard**
-    The ability to support framework migrations, such as Spring to Spring Boot or .NET Framework to .NET 6+
-|  Not available  
-  
-**Framework migration, legacy**
-    The ability to migrate legacy frameworks, databases, or data formats during framework migrations
-|  Not available  
-  
-**Environmental impact analysis**
-    The ability to provide guidance about the sustainability of applications, such as before and after a migration
-|  Available  
-  
-**Cost of change analysis, effort**
-    The ability to estimate the effort required to modernize an application
-|  Available  
-  
-**Cost of change analysis, architecture**
-    The ability to estimate the target architecture costs after modernizing an application
-|  Not available  
-  
-**Predictive outcome analysis**
-    The ability to rate modernization outcomes based on aggregated, anonymized data, such as the risk of change, the effort of change, and a confidence level that the change will be successful