Lucent Sky AVM version 1912 releases

Lucent Sky AVM version 1912 MR

New features in 1912

General

CLEAR Engine is the central service responsible for the orchestration of different engines and services of Lucent Sky AVM. The new CLEAR Engine has been designed and optimized to work better with the new analysis and remediation engines, and enables significant performance improvements across the board.

Analysis

Binary analysis

The third-generation binary analysis engine provides incremental improvements over the current engine, and scalability is a key focus. A new direct binary analysis mode allows pre-compiled binary files to be analyzed along with their source code, without the need to build them within the scan process. Additionally, new memory management algorithms provide greatly improved analysis performance on systems with large amounts of memory.

The new analysis engine has been in public preview since v1906. With the new CLEAR Engine, it is the default binary analysis engine starting with v1912. It also received performance improvements for JDK application analysis and better detection of corrupted .NET binary files.

Source code analysis

  • The source code analysis engine for C/C++ has been updated to improve accuracy and coverage.

Weakness policies

  • Binary and source code analysis rules have been updated to provide more comprehensive and accurate vulnerability identification

  • The CWE list has been updated to 3.4.1

Reporting

  • Result is now available in the XML report

Administration

  • The SQL Server installed along with new Lucent Sky AVM installations has been updated to SQL Server 2019

Issues fixed in 1912 MR

  • We fixed a bug where a multi-line remediation suggestion shows an irrelevant line number

  • We fixed a bug where certain applications have extended pre-analysis time

  • We fixed a bug where an error is shown when navigating to a result hidden due to a license limitation

  • We fixed a bug where the entire pending scan queue becomes stuck when a pending scan is deleted

  • We fixed a bug where DiagnosticSettings and MaxDegreeOfParallelism settings are not preserved during an update