Lucent Sky AVM scans for and automatically remediates security vulnerabilities in web, server, mobile, and desktop applications, and provides update guidance for vulnerable software components used by these applications. We make DevOps security efficient, actionable and scalable.
Most developers know how to prevent common vulnerabilities such as SQL injection, but struggle to actually remediate the thousands of vulnerabilities found in a large application.
Lucent Sky AVM works like a developer does to find and assess vulnerabilities and place "Instant Fixes" in code. It works just like a developer, but is capable of securing hundreds of vulnerabilities at a time.
Each Instant Fix is generated to remediate a specific vulnerability (and those linked to it) while preserving functionalities and performance. Below are two examples of Instant Fixes:
// CWE-79: Cross-site Scripting var body = sqlDataReader.GetString(2); Posts.Text += @"<div style=""margin-left: 30px;"">" + LucentSky.Security.Application.Masker.MaskPrivateInformation(LucentSky.Security.Application.Encoder.HtmlEncode(Body)) + @"</div>"; // CWE-89: SQL Injection var userName = UserName.Text; var password = Password.Text; sqlCommand = New SqlCommand(@"INSERT INTO [User] ([UserName], [Password]) VALUES (@lucentsky_userName, @lucentsky_password)", SqlConnection); sqlCommand.Parameters.AddWithValue("@lucentsky_userName", userName); sqlCommand.Parameters.AddWithValue("@lucentsky_password", password);
// CWE-79: Cross-site Scripting String eid = request.getParameter("eid"); out.println("Employee ID: " + org.lucentsky.security.application.Encoder.htmlEncode(eid)); // CWE-89: SQL Injection String userName = getAuthenticatedUserName(); String itemName = request.getParameter("itemName"); PreparedStatement statement = "SELECT * FROM items WHERE owner = '" + userName + "' AND itemname = ?"; statement.setString(1, itemName); ResultSet rs = statement.executeQuery(); rs.close();
In combination with New Relic APM, Lucent Sky AVM brings security and performance together - without you writing a single line of code.
Once linked, applications in Lucent Sky AVM are automatically mapped to their counterparts in New Relic APM. Applications created in the future will also be mapped.
Switch from the security view in Lucent Sky AVM to the performance view in New Relic APM with just one click.
Deploy high-performance code that's also secure
Performance and security are no longer trade-offs. In most cases, applications secured by AVM perform as fast as their original, vulnerable counterparts. With New Relic APM, you can see the little (if any) performance impact in realtime.
Learn more about integrating New Relic APM with Lucent Sky AVM.
Lucent Sky AVM is the only commercial solution in automatic application vulnerability mitigation. The technology was developed by industry veterans looking to automate common development practices as to add to their security and efficiency. Learn more about the ROI of Lucent Sky AVM.