Introducing Binarly Transparency Platform 2.5

Empowering secure-by-design at scale

Detect and remediate known and unknown vulnerabilities at every step of the device and software supply chain.

Advanced Binary Risk Intelligence

Known vulnerabilities are just the tip of the iceberg in firmware and software supply chains. 

That's why, instead of merely mapping binaries to a list of known vulnerabilities, we go beneath the surface to understand how the code executes,  identifying entire classes of defects, beyond just known - across software, firmware and containers - rapidly with near-zero false positives.

Proactively Manage Vulnerabilities

-
Detect known vulnerabilities and entire classes of those not yet disclosed, while ensuring uniform use of build time mitigations.

Identify Transitive Dependencies

-
Stop relying on SBOMs alone. Detect binary dependencies, including transitive ones.

Detect Malicious Code

-
Find firmware implants and other malicious code based on behavior analysis.

Resolve Vulnerabilities Quickly

-
Prescriptive and verified fixes make resolution painless.

Understand Release Changes

-
Instantly understand the difference between releases.

Continuous Assessment and Reporting

-
Integrate with CI/CD to maintain security. Use reporting to demonstrate compliance with legal and security frameworks.

License Compliance and Cryptographic Security

-
Detect license terms and insecure cryptographic patterns to address issues proactively.

Trusted by

Logo 1
Logo 2
Logo 3
Logo 4
Logo 5
Logo 6
Logo 7
Logo 1
Logo 2
Logo 3
Logo 4
Logo 5

How does Binarly work?

LORMES
Binarly redefines firmware and vulnerability management without needing source code. Here's how we do it:
  • Automated Binary Analysis
  • Zeroing In On What Matters
  • AI-assisted Vulnerability Management
  • Surfacing Software Supply Chain Insights
  • Continuous Compliance Monitoring
Explore Binarly's Capabilities
Arrow indicating link

A research driven product

The Binarly team has its roots in research with decades of experience uncovering and understanding advanced malware threats, firmware, and hardware vulnerabilities. The Binarly Lab has led the coordinated disclosure of nearly 500 vulnerabilities—including LogoFAIL, which affected billions of devices—utilizing the advanced analysis techniques now only available through the Binarly Transparency Platform.

How to get started with Binarly

TIERS
We’re here to assist in your selection process and customize a package to meet your needs.
Explore Product Packages
Arrow indicating link

Our latest

News

Binary Risk Hunt: A Free Vulnerability Scanner With SBOMs

business wire release for Binary Risk Hunt
Arrow indicating Link

Binarly to Unveil New Findings on Critical PKfail Issue at LABScon 2024

Binarly will present significant new insights into the critical PKfail vulnerability at this week’s LABScon 2024 conference. The research will be presented by Binarly founder and CEO Alex Matrosov, alongside vulnerability research lead, Fabio Pagani.
Arrow indicating Link

Advisories

[BRLY-2023-022] Command injection vulnerability in Supermicro BMC IPMI firmware

BINARLY team has discovered a command injection vulnerability in the web server component of Supermicro BMC IPMI firmware, allowing a possible attacker to execute arbitrary code.
Arrow indicating Link

[BRLY-2023-023] Stored cross-site scripting vulnerability in Supermicro BMC IPMI firmware in the man_ikvm_html5_bootstrap webpage using lang local storage item

BINARLY team has discovered a stored DOM-based cross-site scripting (XSS) vulnerability in the man_ikvm_html5_bootstrap webpage that uses lang local storage item, included in the web server component of Supermicro BMC IPMI firmware, allowing a possible attacker to gain access to an account with administrator privileges.
Arrow indicating Link

Articles

Meet Binary Risk Hunt: A Free Vulnerability Scanner With SBOM Generation

Binarly releases Binary Risk Hunt, a free vulnerability scanner with software bill of material generator.
Arrow indicating Link

CVE-2024-36435 Deep-Dive: The Year’s Most Critical BMC Security Flaw

This vulnerability got our attention for many reasons: firstly, the vendor agreed on the critical impact; and secondly, the nature of the vulnerability where an unauthenticated user can remotely trigger the code flow with a simple post request and cause the arbitrary code execution over classical stack overflow (CWE-121).
Arrow indicating Link

Transform your software supply chain security strategy

Talk to our team to find out how Binarly can reduce your risk.
Let's start a conversation     
Arrow indicating link