Lucent Sky AVM version 2103 releases

Lucent Sky AVM version 2103 MR

New features in 2103 MR

Analysis

Binary analysis

  • Improvements on JDK binary analysis

Source code analysis

  • Next-generation source code analysis engines for C/C++, C#, VB.NET, and ECMAScript
  • Improvements on source code analysis engines for Kotlin, Objective-C, PHP, Python, and Swift
  • Accuracy improvements on source code analysis engines

Hybrid analysis

  • Improvements on the framework detection algorithm
  • Improvements on the hybrid analysis correlation algorithms

Dependency analysis

  • Dependency analysis engine

    In addition to being analyzed with binary or source code analysis for unknown vulnerabilities, application dependencies can now also be scanned for known vulnerabilities such as those listed in the National Vulnerability Database. To enable dependency analysis, enable the Dependency vector when scanning an application.

Remediation

  • Expanded .NET, JDK support in the fourth-generation remediation engine

    In addition to the expanded PHP support included in v2009, the fourth-generation remediation engine has expanded support for .NET and JDK applications. These expansions are currently in public preview and are available to customers in the Lucent Sky AVM Preview Program. To learn more about the Lucent Sky AVM Preview Program, visit Introducing Lucent Sky AVM Preview Program.

  • Performance improvements to the remediation engines
  • Improvements to the Python remediation algorithms

Importation

  • Improved compatibility with third-party analysis reports

Reporting

  • Support for OWASP ASVS 4.0
  • Support for CWE v4.3
  • HTML and XML reports are now digitally signed and can be validated for authenticity
  • Results in HTML reports can be filtered by security standards and weakness lists

Interface

  • Updates on Eclipse plug-in and Visual Studio extension
  • Scan configuration as code

    Scan configurations can now be set with a YAML file, so they can be managed alongside the codebase. To learn more about scanning with configuration files, view the following article in the Lucent Sky Knowledge Base:
    Scan an application with a configuration file

  • Improvements on CLI
  • Improvements on the Web UI

Administration

  • Performance improvements for the setup program

Issues fixed in 2103 MR

  • We fixed an issue where weakness policies are not validated by the Web UI
  • We fixed an issue where the application list page does not load project information on Internet Explorer
  • We fixed an issue where the pie chart on the result details page contains broken links
  • We fixed an issue where the scan status filter on the Web UI does not work on some browsers
  • We fixed an issue where scan fails for Ant projects uploaded by the Eclipse plug-in when the system running Eclipse and the system running CLER Engine are set to different time zones
  • We fixed an issue where syntax highlighting is not available for Kotlin
  • We fixed an issue where some common open source libraries are included in source code analysis when the scan argument SkipKnownSafeFiles is not set or set to true
  • We fixed an issue where backup files containing certain weaknesses are identified as if they exist in normal code files