Header bannerHeader banner

Binarly Releases FwHunt.run Project to Scale Firmware Threat Detection

With the firmware supply chain repeatable failures, industry needs a solution capable of effectively detecting known vulnerabilities at scale.

Pasadena, CA - June 2, 2022 -- Binarly Inc., providers of the industry’s first AI-powered firmware protection platform, today released a new project and enhanced tools and rulesets to help organizations address weak spots in the firmware supply chain.

The new project --  available at FwHunt.run -- is a free service that helps security response teams to quickly scan UEFI firmware images against the never-ending stream of vulnerabilities and weaknesses in the complex firmware ecosystem.

“FwHunt.run is a great place to quickly test your firmware image against the recently disclosed security issues to ensure nothing is left unpatched. The industry needs a place to check UEFI firmware images for publicly known vulnerabilities and documented in-the-wild threats. We are excited to provide this service to the community,” said Alex Matrosov, co-founder and CEO of Binarly.

The FwHunt.run tool uses rules from Binarly's public github repository and Binarly has ensured its public advisories have matching FwHunt rules to enable detection at scale of publicly disclosed vulnerabilities.

“Assessing the impact of a known firmware vulnerability in a customer environment, at scale, is a problem without a viable solution. Binarly developed the FwHunt rule format that encapsulates the semantic context around a known vulnerability to detect it while reducing false positives,” said Claudiu Teodorescu, co-founder and CTO of Binarly.

“The Binarly team is constantly working to protect the firmware supply chain and reduce the attack surfaces of our customers industry-wide by delivering innovative technologies to the market. Based on our experience we understand that fixing the vulnerability for a single vendor is not enough. As a result of the complexity of the firmware supply chain, there are gaps that are difficult to close on the manufacturing end since it involves issues beyond the control of the device vendors,” Matrosov said.

“Tools like FwHunt.run and fwhunt-scan are important to help protect the firmware supply chain from the repeatable failures we can see in-the-wild. Providing such free tools to the security community is our commitment to the industry-wide firmware supply chain security and helps companies recover from massive numbers of repeatable failures happening in their devices,” Matrosov added.

In addition to the FwHunt.run project, Binarly also announced major enhancements to its Firmware Hunt (FwHunt) technology, which is widely used in the industry to scale detection for known vulnerabilities and threats.

With open-source FwHunt 2.0 rule specification, Binarly has added the following new features:  - Multiple variants of the same vulnerability or threat can now be detected with a single rule through improved detection logic coverage.  - Improved code analysis and pattern matching with logical operators to create more context for the threat detection efficiency.

The FwHunt open-source Community Scanner has been integrated into LVFS and is recommended by CERT/CC for detecting known firmware vulnerabilities at scale.

Additional technical information on FwHunt 2.0 is available on the Binarly research blog.

About Binarly

Founded in 2021, Binarly brings decades of research experience identifying hardware and firmware security weaknesses and threats.  Based in Pasadena, California, Binarly’s agentless, enterprise-class AI-powered firmware security platform helps protect from advanced threats below the operating system. The company’s technology solves firmware supply chain security problems by identifying vulnerabilities, malicious firmware modifications and providing firmware SBOM visibility without access to the source code. Binarly’s cloud-agnostic solutions give enterprise security teams actionable insights, and reduce the  cost and time to respond to security incidents.

Contact

[email protected]

818.351.9637