Lucent Sky AVM version 2212 MR released

December 20, 2022

Welcome to Lucent Sky AVM version 2212 MR, the final release of the year as 2022 draws to a close. This release includes major improvements on source code analysis engines and intelligence analysis algorithms, better compatibility with server-side scripting languages, and support for the latest technology stacks and security standards such as .NET 7, C# 11, Groovy 4, and CWE 4.9. Developers will enjoy a faster CLI, context-aware assistance in the Web UI, API key support for IDE extensions and dark mode support for Eclipse plug-in. For system administrators, API permissions can be managed using the Web UI and the CLI, and CRUD operations for users and groups are now available on the CLI. To learn more about this release, visit Lucent Sky AVM version 2212 release notes.

Improvements on intelligence analysis and source code analysis engines

Intelligent analysis allows Lucent Sky AVM to automatically detect which parts of an application that have changed comparing to the previous scan, then using multiple factors such as the scope of the changes, estimated number of vulnerabilities, and the performance of the instance to determine which parts of the application should be re-analyzed. In 2212 MR, we have made significant improvements on the intelligent analysis algorithms to be more efficient in deciding which parts of the application to re-analyze. Combined with improvements on the source code analysis engines, scans using intelligent analysis are up to 25% faster comparing to version 2209.

Managing API permissions on on-premise instances

In 2212 MR, the ability to manage API permissions has been extended to on-premise instances and can be set using the Web UI or the CLI. System administrators can use API permissions to achieve fine-grained control of what aspect of the instance and the underlying data a user can access. For example, by granting the Execute and Read permissions to the Auditors group, and adding the user accounts of auditors to be under the Auditors group and the built-in Guests group, these auditors will be able to view every applications and scans, while unable to create new application or scan.

Interface usability improvements

Context-aware assistance is available on the Web UI, providing documentations relevant to the current action. The CLI gained the ability to perform complete CRUD operations for users and groups, including user migration and API permissions management. Visual Studio extensions and Eclipse plug-in have been migrated to use API keys for authentication.

Support for new technology stacks and security standards

.NET applications targeting .NET 7 and using C# 11 are now supported. Java application using Groovy 4.0 are now supported. In addition, vulnerability categorization and information have been updated to CWE 4.9.

Updating to 2212 MR

If you are using Lucent Sky AVM Enterprise or Standard Edition (either on-premise or cloud) and have an active subscription, you can update to 2212 MR immediately. Our support team will reach out to you shortly to schedule an update. If you are using Lucent Sky AVM On-Demand, your server will be updated to 2212 MR in the next few days.