Binarly today announced the general release of its Transparency Platform, which provides unprecedented transparency for device supply chains, allowing manufacturers of devices and endpoint protection products to comprehensively analyze the firmware and hardware in order to identify vulnerabilities, misconfigurations and deployment of malicious code.
The Binarly Transparency Platform is designed to identify vulnerabilities and malicious threats in code, seamlessly integrating as a security component of an SDLC or CI-CD mainline or further down the supply chain. The platform takes security to the next level by adding verification of dangerous misconfiguration at the device level, ensuring organizations can effectively monitor and mitigate risk throughout the lifecycle of their devices.
At the core of the transparency platform is a vulnerability analysis engine, which leverages deep code inspection to detect vulnerabilities in analyzed firmware images. This powerful tool provides organizations with crucial information about the existence of known vulnerabilities, allowing them to address potential threats before they can be exploited.
Binarly Transparency Platform Capabilities:
Firmware Similarity Analysis – Allows developers and security analysts to perform binary-level comparisons of firmware images by quickly detecting any modifications, deletions or potential threats caused by unintentional errors or deliberate attacks.
Deep vulnerability analysis – Uses deep code analysis and AI/ML to discover previously unknown vulnerabilities in known classes. Identifies vulnerable code patterns in firmware binaries, exposing coding errors and misuse of services. The Binarly Transparency Platform identifies specific firmware vulnerabilities by providing risk scoring to help security teams prioritize and expedite security updates.
SBOM and dependency analysis – The Binarly Transparency Platform takes a zero-trust approach to SBOMs by scrutinizing firmware images to reveal all code components. This allows the platform to form a dependency graph and identify third party dependencies, not just relying on hashes, but reconstructing the truth from the binary code.
Also Read: Critical Cybersecurity Crime Developments to Focus on in 2023
“The capabilities built into the Binarly Transparency Platform are already helping customers reduce the number of security risks from threats below the operating system. Our technology is designed to proactively detect new threats and identify vulnerabilities and, most importantly, make these actionable insights for advocates,” said Binarly Executive Director Alex Matrosov.
Over the past year, we have worked closely with our development partners and customers, who have already started to experience significant benefits from the platform’s features:
Feedback from customers and users:
“Binarly has a unique approach to securing firmware, developed by some of the most innovative minds in the field. They have decades of experience in understanding and researching the problem from the hardware forward, along with a modern, scalable approach to bringing the value of firmware security to any organization. The visibility and control offered is unsurpassed.”
Ryan Permeh – Partner at Syn Ventures
“We value the work that Binarly is doing to help make the firmware more secure and appreciate their professionalism in working with us to report these issues in a timely manner. Their AI-driven approach to identifying threats is proving to be a valuable tool to help deliver firmware security more intensely.”
Tim Lewis – Chief Technology Officer at Insyde
“Binarly’s binary code analysis is extremely effective at finding vulnerabilities in upstream libraries where access to the source may not be possible. When Binarly found unknown vulnerabilities in our BIOS, it provided detailed information, including where the vulnerability was and the impact associated with it. It then worked directly with our BIOS vendor to fix the upstream vulnerabilities.”
Kieran Levin – Lead System Architect at Framework Computer
“At AMI, we take firmware security seriously, which is why we are excited to partner with Binarly on securing the supply chain. By working together, AMI is in a better position to ensure that our customers’ firmware be protected from potential threats, peace of mind and the ability to focus on what they do best, which is creating innovative solutions that drive their business forward.”
Brian Mullen – Senior Manager of Software Security at AMI
The Binarly Transparency Platform embodies decades of experience from its research team, who by making pre-release use of this platform, have consistently exposed repeatable flaws in various types of UEFI firmware. In one year, the team disclosed 228 high-impact vulnerabilities and cooperated with multiple parties to help the industry mitigate the risk of a multitude of firmware vulnerabilities.
With the general availability of the platform, customers can bring these capabilities to their security organizations immediately.
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.