April 22, 2021
Welcome to Lucent Sky AVM version 2103 MR, the first Minor Release for 2021. This release enables developers and engineers to better tackle software supply chain attacks, as well as to take advantage of the “configuration as code” trend to integrate security testing and vulnerability remediation with their codebase. It also brings new analysis engines and major enhancements to the remediation algorithms. To learn more about this release, visit Lucent Sky AVM version 2103 release notes.
With the recent uptick on software supply chain attacks, it has never been more important to have visibility into the external components of your applications. With binary analysis, Lucent Sky AVM has long enabled developers and security professionals to scan external libraries for unknown vulnerabilities even when their source code is not available. In version 2103, we also added the ability to scan public libraries, either in source code form or binary form, for known vulnerabilities such as those published in the National Vulnerability Database.
A recent trend in software development lifecycle is “configuration as code”. By storing build and testing configurations along with source code, stakeholders can greatly improve the portability of their codebase. In version 2103, scan settings for Lucent Sky AVM can also be stored in YAML configuration files, allowing tighter integration of security testing and vulnerability remediation with the rest of the SDLC.
If you are using Lucent Sky AVM Enterprise or Standard Edition (either on-premise or cloud) and have an active subscription, you can update to 2103 MR immediately. Our support team will reach out to you shortly to schedule an update. If you are using Lucent Sky AVM On-Demand, your server will be updated to 2103 MR in the next few days.