Lucent Sky AVM version 1909 release notes

2019/11/5

Lucent Sky AVM version 1909 releases

Lucent Sky AVM version 1909 SU1

What's new in 1909 SU1

  • Vulnerability categorization now includes the version of the categories (such as OWASP Top 10 2017).

  • When generating reports or secured source code on an instance with slow disk I/O, a less aggressive data access strategy will be used to reduce I/O stress.

Issues fixed in 1909 SU1

These are the issues addressed in 1909 SU1:

  • We fixed an issue where the specified binary analysis target was not included when using direct binary analysis if the target fell outside of the .NET project.

  • We fixed an issue where the download link for the PDF report was available even when PDF report generation had failed.

Lucent Sky AVM version 1909 MR

New features in 1909 MR

Binary analysis

The third-generation binary analysis engine provides incremental improvements over the current engine, with scalability as a key focus. A new direct binary analysis mode allows pre-compiled binary files to be analyzed along with their source code, without the need to build them within the scan process. Additionally, new memory management algorithms greatly improve analysis performance on systems with large amounts of memory.

In v1909, the binary analysis engine gains the ability to analyze binary files without accompanying source code or debug symbols.

The third-generation binary analysis engine is currently in public preview, works alongside the current engine, and is available to customers in the Lucent Sky AVM Preview Program. To learn more about how to use the new features of the third-generation binary analysis engine, or to join the Lucent Sky AVM Preview Program, visit Introducing Lucent Sky AVM Preview Program. It is estimated to reach General Availability in the next major release of Lucent Sky AVM.

Source code analysis

Enhancements were made to the source code parser and the contextual analysis engine to improve scan performance on large applications. In addition, a bug that caused JavaScript analysis to get stuck on certain minimized code has been fixed.

Result signature and suppression

A new result signature algorithm has been put in place, providing a unified result suppression experience. The new algorithm also provides performance improvements and the ability to automatically suppress non-actionable results. To enable automatic suppression, set the AutomaticSuppression setting to True.

Custom rule packages containing result signatures generated with previous algorithms will continue to work unless the SuppressionCompatibilityMode setting is set to False. Setting it to False disables that compatibility and lets the scan take advantage of the performance improvements of the new algorithm.

Weakness policies

Various analysis rules have been updated to provide more comprehensive and accurate vulnerability identification. A notable update is that the identification of CWE-611 (XML external entity injection) now takes into consideration the behaviors of different versions of numerous XML parsers.

Remediation

  • Performance and stability improvements when generating the remediated source code.

Build

  • .NET

    • The Configuration and OutputPath build properties can now be set in scan arguments and will override the default settings.

  • Java

    • Performance improvements.

Interfaces

  • Various improvements to the web UI. Most notable is that text below icons is now clickable. We share the excitement of our users as we mark this 4-year-old bug as resolved.

Issues fixed in 1909 MR

  • We fixed a bug where the Configuration and OutputPath build properties could not be set with scan arguments.

  • We fixed a bug where a scan appeared to be stuck when analyzing applications with certain minimized JavaScript code.