Lucent Sky AVM scans for and automatically remediates security vulnerabilities in web, server, mobile, and desktop applications, and provides update guidance for vulnerable software components used by these applications. We make DevOps security efficient, actionable, and scalable.
Most developers know how to prevent common vulnerabilities such as SQL injection, but struggle to actually remediate the thousands of vulnerabilities found in a large application.
Lucent Sky AVM works like a developer does to find and assess vulnerabilities and place "Instant Fixes" in code. It works just like a developer, but is capable of securing hundreds of vulnerabilities at a time.
Each Instant Fix is generated to remediate a specific vulnerability (and those linked to it) while preserving functionalities and performance. Below are two examples of Instant Fixes:
// CWE-79: Cross-site Scripting var body = sqlDataReader.GetString(2); Posts.Text += @"<div style=""margin-left: 30px;"">" + LucentSky.Security.Application.Masker.MaskPrivateInformation(LucentSky.Security.Application.Encoder.HtmlEncode(Body)) + @"</div>"; // CWE-89: SQL Injection var userName = UserName.Text; var password = Password.Text; sqlCommand = New SqlCommand(@"INSERT INTO [User] ([UserName], [Password]) VALUES (@lucentsky_userName, @lucentsky_password)", SqlConnection); sqlCommand.Parameters.AddWithValue("@lucentsky_userName", userName); sqlCommand.Parameters.AddWithValue("@lucentsky_password", password);
// CWE-79: Cross-site Scripting String eid = request.getParameter("eid"); out.println("Employee ID: " + org.lucentsky.security.application.Encoder.htmlEncode(eid)); // CWE-89: SQL Injection String userName = getAuthenticatedUserName(); String itemName = request.getParameter("itemName"); PreparedStatement statement = "SELECT * FROM items WHERE owner = '" + userName + "' AND itemname = ?"; statement.setString(1, itemName); ResultSet rs = statement.executeQuery(); rs.close();
In combination with New Relic APM, Lucent Sky AVM brings security and performance together - without you writing a single line of code.
Effortless setup
Once linked, applications in Lucent Sky AVM are automatically mapped to their counterparts in New Relic APM. Applications created in the future will also be mapped.
Seamless view
Switch from the security view in Lucent Sky AVM to the performance view in New Relic APM with just one click.
Deploy high-performance code that's also secure
Performance and security are no longer trade-offs. In most cases, applications secured by AVM perform as fast as their original, vulnerable counterparts. With New Relic APM, you can see the little (if any) performance impact in realtime.
Learn more about integrating New Relic APM with Lucent Sky AVM.
Lucent Sky has been a pioneer in automatic application vulnerability remediation since the release of Lucent Sky AVM. Its patended automatic remediation technologies has helped organizations remediated millions of vulnerabilities. Learn about their stories and see how Lucent Sky AVM can help you reduce cost and accelerate SDLC.