Binarly Inc., a cybersecurity company developing technologies to address repetitive security failures in the firmware supply chain, announced today that it has secured $3.6 million in funding from WestWave Capital and Acrobator Ventures. Seed funding. Well-known cybersecurity leaders Michael Sutton, Thomas ‘Halvar Flake’ Dullien, Jamie Butler, Ryan Permeh, Bryson Bort, Pedram Amini, Chris Ueland and David Mandel of Emerging Ventures also joined the array.
Binarly was co-founded by security pioneers Alex Matrosov and Claudiu Teodorescu , who have worked in hardware and software security at Nvidia, Intel Corporation, ESET, BlackBerry, Cylance and FireEye. Matrosov, an acclaimed researcher often awarded for discovering major vulnerabilities, is also the co-author of the seminal book Rootkits and Bootkits , which explains how to understand and respond to what lies deep within a machine boot. Sophisticated and advanced threats in process or UEFI firmware.
Binarly has built a SaaS platform for analyzing, understanding and responding to currently undetectable security threats hidden in the firmware layer. By combining machine learning and deep code inspection at the binary level, Binarly enables security teams to visualize hardware and firmware failures and recover from sophisticated attacks below the operating system in a simple manner.
Binarly has also developed its own technology for vulnerability management and protecting the firmware supply chain from repetitive failures. The company’s approach exploits the semantic properties of binary codes to improve detection accuracy by limiting the number of false positives.
So far this year, Binarly has coordinated the disclosure of 107 critical firmware security vulnerabilities affecting the entire enterprise device ecosystem . The company works with security response teams from Insyde, AMI, Lenovo, Dell, HP, HPE Technologies, Siemens, Fujitsu, Atos, Intel, AMD and many other vendors to reduce high-impact security issues across the computing landscape. Many of these vulnerabilities demonstrate the complexity of the firmware supply chain, disrupting the timing of patch delivery and identification of affected parties.
According to Matrosov: “The current industry approach is to use the current version number of firmware updates to detect risks associated with firmware and compare them against vulnerabilities and threats in public databases. This can lead to failures in the firmware supply chain because Known vulnerabilities that are not tied to a specific version number of the firmware version will go undetected, leaving an ‘open opportunity’ for attackers.”
“Assessing the impact of known firmware-based vulnerabilities at scale in customer environments is a problem for which there is no viable solution,” Teodorescu said. “We have developed FwHunt technology to add semantic context around known vulnerabilities to reduce false positives. report while ensuring detection.”
Binarly plans to use the investment to accelerate research and development programs, expand its best-in-class engineering team, and increase the adoption of its technology by enterprises and device manufacturers.
For more such updates follow us on Google News ITsecuritywire News