Lucent Sky AVM version 2009 releases

Lucent Sky AVM version 2009 SU1

New features in 2009 SU1

Pre-analysis

  • Framework mismatch detection

    If a great majority of the source code files in the scan belong to frameworks other than the selected one, a framework mismatch warning is shown. The warning has no impact on the result of the scan.

Analysis

Binary analysis

  • Additional 3rd-party security libraries are now recognized by the binary analysis engine.

Source code analysis

  • Accuracy improvements on the source code analysis engines
  • Improved analysis for backup files
  • Additional 3rd-party security libraries are now recognized by the binary analysis engine.

Hybrid analysis

  • Opportunistic analysis

    When opportunistic analysis is enabled and the build fails for a .NET or JDK application, the scan continues with additional source code analysis enabled. A warning is shown when opportunistic analysis is triggered. Opportunistic analysis is disabled by default. To enable it, set OpportunisticAnalysis to true in the storage configuration file.

Remediation

  • Accuracy improvements for remediation suggestions
  • Remediation engine improvements for imported SAST reports (bug 1672, bug 1661, bug 1660, PBI 1662, feature 1647)

Reporting

  • Scan agent settings are now included on reports

Interface

  • Scan agent settings are now visible on the scan details page of the Web UI

Administration

  • License activation process has been streamlined

Issues fixed in 2009 SU1

These are the issues addressed in 2009 SU1:

  • We fixed an issue where the Ant build failed when scanning Java applications with no .java file
  • We fixed an issue where some valid custom binary analysis rules were rejected
  • We fixed an issue where 7-Zip files with long paths were not properly detected
  • We fixed an issue where incorrect ‘No Data’ and ‘No Scan’ information was shown on the project index page
  • We fixed an issue where the update failed on systems without a valid license
  • We fixed an issue where the setup program did not request administrator privileges

Lucent Sky AVM version 2009 MR

New features in 2009 MR

Build

  • Improved handling of build parameters for JDK applications
  • Performance improvements on Java build toolchains

Analysis

  • Support for static websites built with ECMAScript-based front-end frameworks
  • Support for Visual Basic 6 applications
  • Intelligent analysis performance and availability improvements

Binary analysis

  • Performance improvements on the .NET and JDK binary analysis engines
  • Improved support for JDK 11, 12, 13, and 14

Source code analysis

  • Improvements on the C/C++ and PHP source code analysis engines
  • Support for custom data flow rules in the .NET, ASP, and JDK source code analysis engines
  • Common JavaScript libraries are now recognized and no longer count against the license limit

Remediation

  • Expanded PHP support in the fourth-generation remediation engine

    Expanded PHP support is currently in public preview and is available to customers in the Lucent Sky AVM Preview Program. To learn more about how to use the new features of the third-generation binary analysis engine, or to join the Lucent Sky AVM Preview Program, visit Introducing Lucent Sky AVM Preview Program. It is estimated to reach General Availability in 2009 SU1.

  • Applicability improvements on remediation algorithms for .NET Core, ASP.NET MVC, and Java MVC websites
  • Accuracy improvements on the remediation engines
  • Improvements on remediation support for Fortify Static Code Analyzer

Reporting

  • QoL improvements on suppression signatures
  • Syntax highlighting improvements

Interface

  • Low data mode on the Web UI

    Low data mode disables some detail information on the Application and Scan dashboards, such as the number of results in each scan. This improves Web UI performance on systems with slow database I/O.

  • Syntax highlighting improvements
  • Support for API key

    The use of encoded credentials in the CLI is being deprecated. To learn more about using API keys in the CLI, view the following article in the Lucent Sky Knowledge Base: Get started with Lucent Sky AVM CLI

Administration

  • Reliability and performance improvements for the setup program

Issues fixed in 2009 MR

  • We fixed an issue where scan progress during the S-3 stage was not accurately updated
  • We fixed an issue where scans with a custom rule package might become stuck at Analysis S-3 (41%) if the custom rule package contains certain custom identification rules