The fully-featured enterprise version of Firmalyzer is the first cloud/on-premises automated firmware security analysis solution for
IoT device vendors, security labs and enterprise device users. It can help device vendors and security labs easily and quickly perform the compliance checks on the devices firmware. It is also a great solution for enterprises to perform risk assessment on the devices deployed in their enterprise networks, which are usually ignored and become the targets of IoT botnets.
Firmalyzer enterprise:
- Does not require any source code, just a single binary firmware is enough
- Can unpack more than 30 types of compressed firmware images
- Can identify a large number of components and their versions used in IoT devices including 3rd party applications and libraries
- Shows known vulnerabilities of the detected components including complete details ( the vulnerability database is always synced with NVD )
- Shows issues in configuration files and ways to fix them
- Can scan and find bugs in PHP, Python, Java and JavaScript files inside a firmware
- Can identify cryptographic issues such as problematic certificates or hard-coded private keys
- Can perform deep binary analysis on each binary executable file inside firmware and show lots of hints about potential unknown vulnerabilities
- Shows complete details of each file inside the firmware
- Assists compliance and due diligence activities by searching copyright notes in each file content inside a firmware
- Provides the ability to define advanced queries based on different factors and perform an advanced search
- Shows different analytic reports such as riskiest firmwares or risk ratio
- Can export results in Excel, CSV and PDF formats
