Lucent Sky AVM 5.0 release information

2018/12/27 |

This article includes a list the new features and bug fixes that are included in Lucent Sky AVM 5.0, as well as known issues of this release.

For more information about this release, visit the blog post Lucent Sky AVM 5.0 released.

Updates in Lucent Sky AVM 5.0

  • CLEAR Engine API 2.0 - the WCF API of CLEAR Engine has been updated to 2.0. The v2.0 API is not backward-compatible with the v1.0 API found in Lucent Sky AVM 2.0 - 4.8. If you only use clients developed by Lucent Sky (web UI, CLI, and IDE plug-ins for Visual Studio and Eclipse), you don't have to make any change. However, if you have custom-built interfaces for CLEAR Engine, you will have to update them to use the v2 API. Learn more about the changes in CLEAR Engine API 2.0 released.

  • Context-aware remediation suggestions - remediation suggestion received another update in Lucent Sky AVM 5.0 and it is now available on all vulnerability categories where Instant Fixes are not available. Over the next few months, we will continue to improve remediation suggestion to make it more accurate and extend it to all vulnerability categories.

  • Priority score calculation - priority score is no longer calculated in web UI, but calculated in CLEAR Engine during the last stage of analysis. This allows priority score to take more vectors into account to more accurately represent the actual risk of an individual vulnerability. API clients can continue to use legacy priority score calculation by overriding the priority score calculated by CLEAR Engine.

  • Minor improvements and bug fixes - minor improvements and bug fixes were done to the Web UI

List of fixes included in Lucent Sky AVM 5.0

The path to results in some ASP applications are only shown partially on the web UI and report

This issue has been resolved in Lucent Sky AVM 5.0.

Known issues of Lucent Sky AVM 5.0

Paging is not available on the scan list

On some Lucent Sky AVM server instances that were upgraded from a previous version, paging is not available on the scan list.

This issue is expected to be resolved in Lucent Sky AVM 5.0.1.

IDE plug-ins are unable to include Application Protection Library to a project after a scan

On new installations of IDE plug-ins, such as Visual Studio extensions and Eclipse plug-in, are unable to include Application Protection Library to a project after a scan. This is due to that starting with v4.7, the CLI no longer include copies of Application Protection Library binaries.

To workaround this issue, download the Application Protection Library binaries from a Lucent Sky AVM server, and place them under the Resources\APL directory of the CLI. This issue is expected to be resolved in Lucent Sky AVM 5.1.