Lucent Sky AVM 2.6 released
July 31, 2015
Today we released Lucent Sky AVM 2.6. Version 2.6 marks the first release after we transitioned Lucent Sky AVM to a shorter release cycle. Until version 2.5, we released a new update at the end of each quarter, and occasionally a hotfix pack in between. Starting with version 2.6, we will release a new update at the end of each month.
Version 2.6 brings the following new features and improvements
Custom rule packs
Users can now upload rule packs containing custom rules they would like to use to identify vulnerabilities and mitigate vulnerabilities. For example, a user would be able to create a rule pack that enables the use of an enterprise mitigation library. Rule packs can only be managed by system administrators and are shared by all users, groups, and applications system-wide.
Expanded use of parameterized mitigation
We've further extended our expansion of the scenarios where parameterized queries will be used to mitigate SQL injections as well as other injection flaws. Most of these newly extended scenarios are related to Java applications.
Web-based server management
Administrators can now perform software update, server restarts and manage licenses within the web UI.
Vulnerability information within HTML reports
HTML reports now contain additional information about identified vulnerabilities.
More accurate application size
The mechanism used to determine the scope and size of an application is changed by including both source code and referenced libraries. Previously, only source code is included.
If you're using Lucent Sky AVM Standard or Enterprise (both on-premise and cloud), you can update to Lucent Sky AVM 2.6 immediately. Our support team will reach out to you shortly to schedule an update. If you're using Lucent Sky AVM On-demand, your server will be updated in the next few days.