How does Firmalyzer discover and prioritise IoT risks?
Device discovery: Firmalyzer discovers manufacturer name, model and firmware version of OT/IoT devices by performing safe network probing that does not interfere with device operation. It does not perform network traffic collection or inspection that can cause data privacy issues.
Vulnerability identification: Firmalyzer vulnerability detection engine is specifically built for enterprise OT/IoT device security and is based on our global-scale proprietary firmware vulnerability knowledgebase of that is constantly growing and evolving automatically as our analysis engine automatically collects and processes new device firmware binaries on behalf of device manufacturers and consumers. Through this knowledgebase, our vulnerability detection engine gains in-depth visibility into the applications running on a target OT/IoT device, their vulnerabilities and exact device specific security tests that should be performed on the device. Firmalyzer also keeps tracking vulnerable devices as they change IP address or move around the network.
Integration with 3rd party solutions: Firmalyzer can automatically pull OT/IoT device manufacturer name, model and firmware version from your existing asset discovery or vulnerability management solutions. Automatic security alerts can also be configured for integration with SIEM solutions.