Introducing Binarly Transparency Platform 2.0

Empowering secure-by-design at scale

Detect and remediate known and unknown vulnerabilities at every step of the device and software supply chain.

The Binarly difference:

Advanced Binary Risk Intelligence

Known vulnerabilities are just the tip of the iceberg in today's complex firmware and software supply chains. 

That's why, instead of merely mapping binaries to a list of known vulnerabilities, we go beneath the surface to understand how the code executes. This approach allows Binarly to identify entire classes of defects, beyond just known issues - across software, firmware and containers - and to do so more rapidly with near-zero false positives.

Proactively Manage Vulnerabilities

-
Detect known vulnerabilities and entire classes of those not yet disclosed, while ensuring uniform use of build time mitigations.

Identify Transitive Dependencies

-
Stop relying on SBOMs alone. Detect binary dependencies, including transitive ones.

Detect Malicious Code

-
Find firmware implants and other malicious code based on behavior analysis.

Resolve Vulnerabilities Quickly

-
Prescriptive and verified fixes make resolution painless.

Understand Release Changes

-
Instantly understand the difference between releases.

Continuous Assessment and Reporting

-
Integrate with CI/CD to maintain security. Use reporting to demonstrate compliance with legal and security frameworks.

License Compliance and Cryptographic Security

-
Detect license terms and insecure cryptographic patterns to address issues proactively.

How does Binarly work?

LORMES
Binarly redefines firmware and vulnerability management without needing source code. Here's how we do it:
  • Automated Binary Analysis
  • Zeroing In On What Matters
  • AI-assisted Vulnerability Management
  • Surfacing Software Supply Chain Insights
  • Continuous Compliance Monitoring
Explore Binarly's Capabilities
Arrow indicating link

A research driven product

The Binarly team has its roots in research with decades of experience uncovering and understanding advanced malware threats, firmware, and hardware vulnerabilities. The Binarly Lab has led the coordinated disclosure of nearly 500 vulnerabilities—including LogoFAIL, which affected billions of devices—utilizing the advanced analysis techniques now only available through the Binarly Transparency Platform.

How to get started with Binarly

TIERS
We’re here to assist in your selection process and customize a package to meet your needs.
Explore Product Packages
Arrow indicating link

Our latest

News

Binarly Launches Next-Generation Transparency Platform to Elevate Software Supply Chain Security

Today’s reality is that security solutions cannot keep pace with the scale of a problem that requires a more comprehensive approach and visibility. Binarly Transparency Platform v2.0 is delivering a new actionable and data-driven paradigm for how security teams and software developers should detect, analyze, and fix or react to software security risks.
Arrow indicating Link

Binarly Releases Free Detection Tool for XZ Backdoor

Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
Arrow indicating Link

Advisories

[BRLY-2024-002] OOB Read in Lighttpd 1.4.45 used in Intel M70KLP series firmware

BINARLY team has discovered a Heap Out-of-bounds Read vulnerability in the web server component of Intel BMC firmware, allowing a potential attacker to exfiltrate sensitive information from Lighttpd process memory.
Arrow indicating Link

[BRLY-2024-003] OOB Read in Lighttpd 1.4.35 used in Lenovo BMC firmware

BINARLY research team has discovered a Heap Out-of-bounds Read vulnerability in the web server component of Lenovo BMC firmware, allowing a potential attacker to exfiltrate sensitive information from Lighttpd process memory.
Arrow indicating Link

Articles

Next Gen Binary Risk Intelligence: Introducing Binarly Transparency Platform v2.0

We've incorporated a year of research and feedback into Binarly Transparency Platform v2
Arrow indicating Link

How an old bug in Lighttpd gained new life in AMI BMC, including Lenovo and Intel products

Binarly Research Team shows crucial risks that affect security of BMC firmware supply chain ecosystem. We’ve assigned three Binarly identifiers BRLY-2024-002, BRLY-2024-003, BRLY-2024-004
Arrow indicating Link

Transform your software supply chain security strategy

Talk to our team to find out how Binarly can reduce your risk.
Let's start a conversation     
Arrow indicating link