Lucent Sky AVM 3.9.1 is the maintenance release, focusing on ironing out several issues in the previous release. Improvements include fine-tuning the third generation mitigation engine, support of identifying and remediating Trust Boundary Violation issues, and a bug fix to the Java analysis engine.
Lucent Sky AVM 3.9 is the second milestone release as we get ready for the next major update - Lucent Sky AVM 4. In this release we continue to improve the third generation mitigation engine, available to customers who are in the Lucent Sky AVM Preview Program. Some of these improvements were also implemented to the current mitigation engine to improve its mitigation efficiency. In addition, the network stack of CLEAR Engine, the Web UI and IDE plug-ins were also updated.
Lucent Sky AVM 3.8 is the first milestone release as we get ready for the next major update - Lucent Sky AVM 4. At the core of this milestone release is a preview of the third generation of the mitigation engine. Built on Lucent Sky’s proprietary mitigation technology, the new mitigation engine is expected to expand the types of vulnerabilities that can be automatically remediated and enhance the accuracy and precision of the remediation, while increasing the performance and memory management when mitigating applications with a large number of vulnerabilities. As a preview, the third generation mitigation engine is available in Lucent Sky AVM 3.8 to participants of the Lucent Sky AVM Preview Program, and can be enabled or disabled per-server, per-application or per-scan. If you haven’t joined the Lucent Sky AVM Preview Program, you can learn more about it. In addition to the preview, improvements to the current mitigation engine and new vulnerability vector classifications were also included in Lucent Sky AVM 3.8.
As the second part of a series of performance-focused updates, Lucent Sky AVM 3.7 brings performance improvements to the analysis engine. Improved caching and parallel processing algorithms were added to the contextual analysis engine, and analysis performance will be noticeably improved on most applications. Web UI also received several improvements, such as result suppression functionalities and source code archive validation.
As the first part of a series of performance-focused updates, Lucent Sky AVM 3.6 brings performance and reliability improvements to the mitigation engine. Vulnerability mitigation is up to 20% faster across all supported technology stacks. The algorithm used to calculate confidence score of Instant Fixes was also updated to provide more accurate scoring. Also included were several bug fixes that addressed issues in the previous releases.
Lucent Sky AVM 3.5 is the second major update of the year, which brings updates to the mitigation algorithms (including a general availability update and a preview update) and improvements on analysis on mobile apps. Also included are minor UI updates.
Ahead of the release of Lucent Sky AVM 3.5 next week, we are introducing the Lucent Sky AVM Preview Program. The Preview Program enables users to experience and try out the latest in application vulnerability mitigation technologies, while maintaining the reliability they have come to expect from Lucent Sky AVM.
All Lucent Sky AVM users with a valid subscription are eligible to join the Preview Program, and can enable preview features in their Lucent Sky AVM instances once they have received a preview-enabled license. Users with Enterprise Edition licenses can also request addition licenses (without consuming their license quota) that allow for installation of additional preview instances.
Lucent Sky AVM 3.4 consists the result of months of engineering efforts that aimed to make Lucent Sky AVM more memory efficient, and improvements on ASP.NET compilation error tolerance. Also included are IDE plug-in updates that consolidate improvements made over the past four months.
By Melinda Jacobs, co-founder, Lucent Sky
I recently returned from Visa’s APAC Security Summit, where I was invited to sit on a panel titled “Balancing Risk and Innovation” — the only vendor to take the stage among a sea of bankers. Here is a selection of questions posed to me on the panel, and some abridged answers. Nothing below is representative of other panelists or institutional interests, simply some parting thoughts on Balancing Risk and Innovation as we return home from Phuket.
Members of the Lucent Sky team recently returned from the Visa APAC Security Summit in Phuket, Thailand. With over 400 attendees, the APAC Security Summit is Visa’s largest event globally, and was this year attended by risk and information security representatives of card issuers and acquirers throughout the region.
Presentations focused on work done within Visa, as well as highlight from its partner companies. Key topics included risk and data products, security roadmapping, the “cost” of cash, and how to secure the payments ecosystem.
Lucent Sky AVM 3.3 brings major improvements on analysis accuracy and data access performance, along with usability and performance improvements on the Web UI.
Lucent Sky AVM 3.2 focuses on performance improvements when conducting multiple scans simultaneously. Also included is an updated version of Visual Studio Extension, along with numerous minor UI improvements on the Web UI and CLI. In addition, a “mic drop” feature was planned that would allow users to create new scans but never see the identified and mitigated vulnerabilities, but it was scrapped due to poor user feedback.
Lucent Sky AVM 3.1.1 is a maintenance release that provides improvements on result categorization, including the introduction of new vectors. Additionally, the licensing scheme was also revised to allow more flexibility of larger scale deployment of Lucent Sky AVM.
Lucent Sky AVM 3.1 focuses on bringing refined controls to the web UI and enabling users to fine-tune scanning behaviors. Also included are management features such as usage logging and more visibility on licensed application scope.