ReFirm Labs Announces Fall 2019 Release of Updates to Its Flagship IoT and Firmware Security Platform
ReFirm Labs, a provider of the industry’s first proactive IoT and firmware security solutions, today announced the Fall 2019 release of updates to its flagship Centrifuge Platform®. The first solution that proactively manages the security of firmware, a specific class of software that provides the low-level control for the hardware of an IoT device, Centrifuge Platform® can identify and report firmware abnormalities and vulnerabilities in less than 30 minutes, allowing companies to quickly analyze their firmware for hidden dangers and respond immediately to potential weak spots.
The Fall 2019 updates include:
On-premise deployment: For organizations that have legal requirements that prohibit them from performing firmware security analysis in a secure cloud environment, Centrifuge Platform® now offers an on-premise deployment including air-gapped networks. Its on-premise deployment, including updates and upgrades, is fully automated even when physically isolated from an internet-connected network, and simplifies user management and authentication by seamlessly integrating with Active Directory.
Faster static and dynamic binary analysis: The speed with which Centrifuge Platform® identifies potential zero-day vulnerabilities and then dynamically emulates them has been increased by up to three times.
Enhanced cryptographic analysis: Centrifuge Platform® has added a new, higher level analysis of crypto material that identifies and highlights key issues such as expired and revoked certificates, weak signing, and dangerous private keys delivered in the same firmware. It also shows linkages between certificate chains and public/private key pairs.
Improved file system extraction support: Centrifuge Platform® now provides extraction support bzip2 and ext2/4 files, along with improved support for zip, gzip, JFFS2 and cpio files. It also can now support very large, multi-gigabyte firmware images.
PDF summary reports: Centrifuge Platform® now offers a graphical summary of detailed information about the security of firmware images, formatted as a PDF file. Designed as easy-to-understand, actionable information, the PDF report allows information sharing about firmware vulnerabilities with product leadership, suppliers, customers and other stakeholders. The PDF report links to more detailed information with the entire analysis results available in JSON or CSV format.
“These newest updates to our Centrifuge Platform enable developers and penetration testers to work faster with a wider range of file systems while efficiently managing a greater amount of cryptographic information about potential vulnerabilities in the firmware that power IoT devices,” said Derick Naef, CEO of ReFirm Labs. “With the additions of a new reporting feature that provides easy-to-understand graphical summaries for sharing findings and a new on-premise deployment option, we’re excited to roll out these new set of features that increases both effectiveness and productivity for security teams.”
Highly scalable, automated and cloud-based, Centrifuge Platform® identifies and reports potential zero-day vulnerabilities, hidden crypto keys, backdoor passwords and already known vulnerabilities in IoT devices, all without needing access to source code. A simple and reliable way for monitoring security across an entire system of deployed IoT devices without the need for agents or access to the network itself, Centrifuge Platform® has been proven to increase productivity for security teams while reducing the number of breaches on internet-connected devices.
For more information about Centrifuge Platform®, go to https://www.refirmlabs.com/centrifuge-platform.
About ReFirm Labs
ReFirm Labs provides the industry’s first IoT and firmware security solutions that proactively vet, validate and continuously monitor IoT devices from hidden threats. Its flagship product, Centrifuge Platform®, detects and reports potential zero-day exploits, hidden crypto keys, backdoor passwords and known vulnerabilities in IoT devices without needing access to source code. ReFirm Labs’ technology has been proven to provide the insight and intelligence needed for users to proactively defend connected devices and maintain compliance and the integrity of supply chain security. Founded by a team of former NSA offensive cyber operators, ReFirm Labs is trusted by government agencies and Fortune 500 companies that operate in a wide variety of industries, including: telecommunications, cloud infrastructure and data centers, automotive, health care, utilities, and manufacturing. For more information, visit http://www.refirmlabs.com or follow on Twitter @ReFirmLabs.