Lucent Sky AVM version 1909 MR released

September 24, 2019

Welcome to Lucent Sky AVM version 1909 MR, the third Minor Release of the year. The main feature of this release, and its service updates, is the third-generation binary analysis engine. To learn more about this release, visit Lucent Sky AVM version 1909 release notes.

New features in 1909 MR

These are the new features in version 1909 MR:

Binary analysis

The third-generation binary analysis engine provides incremental improvements over the current engine, with scalability as a key focus. A new direct binary analysis mode allows pre-compiled binary files to be analyzed along with their source code, without the need to build them within the scan process. Additionally, new memory management algorithms provide greatly improved analysis performance on systems with large amounts of memory.

In version 1909, the binary analysis engine gains the ability to analyze binary files without accompanying source code or debug symbols.

The third-generation binary analysis engine is currently in public preview, works alongside the current engine, and is available to customers in the Lucent Sky AVM Preview Program. To learn more about how to use the new features of the third-generation binary analysis engine, or to join the Lucent Sky AVM Preview Program, visit Introducing Lucent Sky AVM Preview Program. It is estimated to achieve General Availability in the next major release of Lucent Sky AVM.

Source code analysis

Enhancements were made to the source code parser and the contextual analysis engine to improve scan performance on large applications. In addition, a bug that caused JavaScript analysis to get stuck on certain minimized code has been fixed.

Result signature and suppression

A new result signature algorithm has been put in place, providing a unified result suppression experience. The new algorithm also provides performance improvements and the ability to automatically suppress non-actionable results. To enable automatic suppression, set the setting AutomaticSuppression to true.

Custom rule packages containing result signatures generated with previous algorithms will continue to work unless the setting SuppressionCompatibilityMode is set to false. Setting it to false takes advantage of the performance improvements of the new algorithm.

Weakness policies

Various analysis rules have been updated to provide more comprehensive and accurate vulnerability identification. A notable update is that the identification of CWE-611 now takes into consideration the behaviors of different versions of numerous XML parsers.

Remediation

Build

Interfaces

Issues fixed in 1909 MR

Updating to 1909 MR

If you are using Lucent Sky AVM Enterprise or Standard Edition (either on-premise or cloud) and have an active subscription, you can update to 1909 MR immediately. Our support team will reach out to you shortly to schedule an update. If you are using Lucent Sky AVM On-Demand, your server will be updated to 1909 MR in the next few days.