CIO Influence
Analytics CIO Influence News Networking

Finite State Enhances Automated Zero Day Detection for Connected Devices

Finite State Enhances Automated Zero Day Detection for Connected Devices
Capability helps device manufacturers find vulnerabilities in packages from their suppliers

Vulnerabilities in the software supply chain are costing device manufacturers business. Threats like Treck TCP/IP and ThroughTek Kalay P2P SDK continue to emerge, and according to a recent Ponemon Institute report, nearly 60% of organizations have lost revenue due to product security concerns. Finite State, the product security leader for connected devices, has unveiled a way to reduce the business risk of those vulnerabilities through advanced binary analysis.

“Our advanced binary analysis finally gives manufacturers visibility into these packages that are being added to their firmware unchecked.”

Device manufacturers use board support packages (BSPs) and software development kits (SDKs) from third-party vendors and developers, often without knowing what is inside them. Because these packages are essentially black boxes, any insecure configuration files make it easier for threat actors to carry out privilege escalation attacks, brute force attacks, and other potentially disastrous breaches.PREDICTIONS SERIES 2022

Top iTechnology AIOps News: Quectel Launches New Generation of Flagship Android Smart Module

Finite State’s advanced binary analysis enhances automated zero-day vulnerability detection to eliminate blind spots in developer libraries. This capability goes beyond the source code-based software as a service (SaaS) offerings to catch the vulnerabilities those tools miss.

“Manufacturers are inherently trusting the developers of SDKs and BSPs, but recent vulnerabilities like Log4j, ThroughTek, Realtek, and DNSpooq prove they shouldn’t be so trusting,” said Jeff Martin, VP of Product at Finite State. “Our advanced binary analysis finally gives manufacturers visibility into these packages that are being added to their firmware unchecked.”

In addition to making it possible for security teams to see into these black boxes, Finite State’s advanced binary analysis saves them the time and effort of extensive manual testing. This essential feature ensures that products are more secure before they are shipped and allows organizations to quickly assess their third-party components for zero-day vulnerabilities and Common Vulnerabilities and Exposures (CVEs) to protect customer relationships, brand reputation, and potential loss of revenue.

Top iTechnology Networking News: Crosschq Expands Global Offering with the Addition of Multilingual Localization Capabilities

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

EdgeConneX Lauded by Frost & Sullivan for Delivering a Full Spectrum of Data Center Solutions to Its Customers

CIO Influence News Desk

SCADAfence Partners With Keysight Technologies To Provide Visibility And Industrial Cyber Security For OT Infrastructures

CIO Influence News Desk

Expanded Global Channel Partner Ecosystem Supports Infinidat’s Enterprise Revenue Growth In 2020

CIO Influence News Desk

Leave a Comment