September 17, 2020
Welcome to Lucent Sky AVM version 2006 SU1, the first Service Update for 2006 MR. It is a rather comprehensive Service Update, as it includes quite a few improvements on the analysis and remediation engines, in addition to bug fixes. To learn more about this release, visit Lucent Sky AVM version 2006 release notes.
In 2006 MR, we have included the forth-generation remediation engine, and a few of our customers have been testing it for the past two months. Although it was originally planned for GA in the next Minor Update, we were very encouraged by the results and decided to move the GA ahead to 2006 SU1 so more customers can start benefiting from it.
In the forth-generation remediation engine, we have greatly expanded context-aware suggestion - those code snippets that are generated when Instant Fixes are not available. Most vulnerabilities, including insecure-design errors such as missing encryption issues, will have context-aware suggestions available. In addition, insecure-implementation errors such as injection flaws will also have context-aware suggestions when an Instant Fix cannot be confidently generated by the algorithm.
We have made improvements to the binary analysis engine for Java to improve coverage. We have also made improvements to the source code analysis engines and added new rules to improve both accuracy and coverage. Lastly, the hybrid analysis algorithms have been updated to better corelate results from binary analysis and source code analysis.
If you are using Lucent Sky AVM Enterprise or Standard Edition (either on-premise or cloud) and have an active subscription, you can update to 2006 SU1 immediately. Our support team will reach out to you shortly to schedule an update. If you are using Lucent Sky AVM On-Demand, your server will be updated to 2006 SU1 in the next few days.