Lucent Sky AVM version 2206 release notes

2022/8/17 |

Lucent Sky AVM version 2206 releases

Lucent Sky AVM version 2206 SU1

New features in 2206 SU1

Binary analysis

  • Caching performance improvements for the JDK binary analysis engine

Intelligence

  • Rule packages are available through real-time intelligence
  • Improved usability on systems with limited Internet connectivity

Interface

  • Scan archiving and purging are now available on the Web UI

Storage

  • Performance improvements for the storage subsystem

Administration

  • Auto archive of older scans is now available on on-premise instances

Issues fixed in 2206 SU1

  • We fixed an issue where some placeholder strings are present in the HTML report
  • We fixed an issue where certain special characters are removed from search terms when searching for application names or tags
  • We fixed an issue where certain binary files are counted against the license scope on scans that only use source code analysis
  • We fixed an issue where certain unsupported files are counted against the license scope
  • We fixed an issue where scans occasionally failed with invalid arguments error on instances with high core counts
  • We fixed an issue where some ECMAScript code files might be mistakenly characterized as minified files, therefore skipping some analyses

Breaking changes in 2206 SU1

Interface

  • CLI argument for archiving and purging scans

    Potential breaking change. The range of the PurgeThreshold argument has been limited to at least 168 hours and at most 240,000 hours from the current time. Effectively, scans created in the last 7 days cannot be archived or purged.

Administration

  • Renamed CLEAR Engine cluster configuration settings

    No functional change. The setting AutomaticSupression has been renamed to AutoSuppression. However, the value of AutomaticSupression will be used if AutoSuppression is not present.

Lucent Sky AVM version 2206 MR

New features in 2206 MR

Binary analysis

  • Accuracy improvements for Java applications
  • General improvements for the binary analysis engines

Source code analysis

  • Compatibility improvements for the C#, VB.NET source code analysis engine
  • General improvements for the source code analysis engines

Dependency analysis

  • General improvements for the dependency analysis engines

Importation

  • Performance improvements for 3rd-party analysis report importation

Intelligence

  • Performance improvements for real-time intelligence

Weakness policies

  • Support for CWE 4.7
  • Pre-defined categorization for OWASP API Security Top 10
  • CWE Top 25 are now categorized by year

Interface

  • Support for source code directory upload in the Web UI and the CLI

Administration

  • Instance recovery is available in the CLEAR Engine installer

Issues fixed in 2206 MR

  • We fixed an issue where the Application Protection Library is not available for on-premise instances with the On-Demand SKU
  • We fixed an issue where the scan fails when the source code archive contains certain non-Unicode multibyte characters

Breaking changes in 2206 MR

There is no breaking change in 2206 MR.