Lucent Sky AVM version 1912 releases

Lucent Sky AVM version 1912 SU1

Issues fixed in 1912 SU1

These are the issues addressed in 1912 SU1:

  • We fixed an issue where Ant build fails when a custom runtime is selected.
  • We fixed an issue where the Web UI shows a blank page when the queried item does not exist.

Lucent Sky AVM version 1912 MR

New features in 1912 MR

General

CLEAR Engine is the central service responsible for the orchestration of different engines and services of Lucent Sky AVM. The new CLEAR Engine has been designed and optimized to work better with the new analysis and remediation engines, and enables significant performance improvements across the board.

Analysis

Binary analysis

The third-generation binary analysis engine provides incremental improvements over the current engine, and scalability is a key focus. A new direct binary analysis mode allows pre-compiled binary files to be analyze along with their source code, without the need of building it within the scan process. Additionally, new memory management algorithms provide greatly improved analysis performance on systems with large amount of memory.

The new analysis engine has been in public preview since v1906. With the new CLEAR Engine, it is the default binary analysis engine starting with v1912. Additionally, it also received performance improvements on JDK application analysis, and better detection for corrupted .NET binary files.

Source code analysis

  • The source code analysis engine for C/C++ has been updated to improve accuracy and coverage

Weakness policies

  • Binary and source code analysis rules have been updated to provide more comprehensive and accurate vulnerability identification
  • The CWE list has been updated to 3.4.1

Reporting

  • Scan result is now available in the XML report

Administration

  • The SQL Server installed along with new Lucent Sky AVM installations has been updated to SQL Server 2019

Issues fixed in 1912 MR

  • We fixed an issue where multi-line remediation suggestion shows irrelevant line number.
  • We fixed an issue where certain applications has extended pre-analysis time.
  • We fixed an issue where error is shown when navigating to a result hidden due to license limitation.
  • We fixed an issue where the entire pending scan queue becomes stuck when a pending scan is deleted.
  • We fixed an issue where DiagnosticSettings and MaxDegreeOfParallelism settings are not preserved during an update.