June 19, 2024
Welcome to Lucent Sky AVM version 2406 MR. As we continue to enhance the new binary analysis process that was introduced in version 2403, this release includes enhancements to binary analysis that provide more context and better remediation for vulnerabilities when source code is not available. It also includes source code analysis improvements, UX improvements on reporting, support for new technologies such as PHP 8.3, and takes advantage of the latest advancements in ML-augmented hybrid analysis and vulnerability remediation. To learn more about this release, visit Lucent Sky AVM version 2406 release notes.
Let’s take a look at the prominent new features, enhancements, and important changes in version 2406.
Built on the new binary analysis process that was introduced in version 2403, new enhancements to the Java binary analysis engine allow it to provide more context to vulnerabilities identified in binary files that do not have debug symbols or the corresponding source code. Context such as the canonical names and method names of function calls that are involved in the vulnerability can help developers and stakeholders more effectively resolve the vulnerability in source code. In addition, ML-augmented remediation can generate remediation guidance specifically applicable to those vulnerabilities, accelerating their remediation.
While the interactive HTML reports provide a context-rich experience when reviewing and remediating vulnerabilities, they can take a long time to load when the scan contains a large number of results. A “quick mode” is introduced in version 2406 to alleviate this. By collapsing result details and disabling automatic syntax highlighting, an HTML report with thousands of results opens up to 90% faster and uses 75% less memory. Use the result filters to expand the results by categories, and right-click a result to turn on syntax highlighting for its statements and remediation.
The dependency analysis engines switched to an updated hash algorithm for identifying software components and dependencies. While this allows for better correlation of dependencies across applications and projects, the change is breaking for customers who have suppression signatures for vulnerable dependencies. To learn more about these changes and how they might impact your Lucent Sky AVM instances, visit Lucent Sky AVM version 2406 release notes on Lucent Sky Docs.
For customers with managed Lucent Sky AVM instances and customers of Lucent Sky AVM On-Demand, your servers will be updated to 2406 MR in the next few days, unless they are affected by backward compatibility issues or an opt-out is in effect.
For customers with on-premise Lucent Sky AVM instances, you can update to 2406 MR immediately. Our support team will reach out to you shortly to schedule the update.