Lucent Sky AVM 4.1 release information

2018/12/26 |

This article includes a list the new features and bug fixes that are included in Lucent Sky AVM 4.1, as well as known issues of this release.

For more information about this release, visit the blog post Lucent Sky AVM 4.1 released.

Updates in Lucent Sky AVM 4.1

  • Intelligent Analysis - Since Lucent Sky AVM v2, two analysis modes were offered, Standard Analysis and Comprehensive Analysis. Standard Analysis analyzes the parts of the application that are exposed externally, as well as classes and libraries referenced by them, while Comprehensive Analysis analyzes the application in its entirety. Starting in v4.1, Intelligent Analysis replaces Standard Analysis as the default analysis mode. Intelligent Analysis is similar to Standard Analysis, but it also combined security knowledge based on previous scans as well as threat intelligence. As a result, Intelligence Analysis knows what parts of the applications, either in source code form or as libraries, can be considered safe and don't need to be analyze again. This reduced the time and resources required for each scan, and resulted in around 16% faster analysis performance in our internal testing. Comprehensive Analysis remains unchanged, and users can always choose to scan or not scan a certain parts of an application through the use of scan arguments.

  • Improved analysis memory efficiency - Almost a year ago, we introduced a way to improve memory efficiency in the analysis engine by providing a distributed memory management policy. When enabled, this policy allows Lucent Sky AVM to use much less memory during analysis with a minor performance hit, and therefore being able to scan applications that have several millions lines of code with ease. In v4.1, we overhauled the algorithms behind this feature to allow even better memory usage. Lucent Sky AVM will also now intelligently decide the memory management policy for a scan, while the users can also set the policy explicitly using scan arguments. Over the next few releases, we will continue improving the memory management algorithm to improve its performance.

  • Updates to Web UI - The interface for generating mitigated source code and reports has been overhauled. Previously, user needs to stay on the generation dialog until the mitigated source code or report has been generated to be able to download it. In addition to the inconvenience, it also caused issue when a scan has the very large amount of results. Starting with v4.1, users can either stay on the dialog or navigate away while the mitigated source code or report is being generated. The user will then be able to download it when the generation has been completed. In addition, users will also be able to download mitigated source code and reports generated previously by themselves or other users. The Web UI also received a number of small fixes.

  • Updates to CLI - Similar to the changes done to the Web UI, CLI users will now have the option to conduct mitigated source code and reports in an asynchronous manner, check the status of an ongoing generation, and download the mitigated source code and reports when generation is completed. As a result of this update, several method names and argument names have been changed. To learn more about the changes to the CLI in v4.1, visit the KB article.

List of fixes included in Lucent Sky AVM 4.1

There are currently no known issue of Lucent Sky AVM 4.1.

Known issues of Lucent Sky AVM 4.1

The result filter in Web UI is broken

You are unable to use the result filter to update the list of results being shown, such as modifying the rule and vector filters, or selecting a priority score.

A hotfix is available. To obtain the hotfix, contact Lucent Sky support. This issue has been resolved in Lucent Sky AVM 4.1.1.