Firmware Reviewer Cloud Service provides in-depth firmware analysis (binaries, file systems, containers, virtual machines, IoT, UEFI, appliances, network devices, smart meters, surveillance devices, drones, etc.), letting you explore vulnerabilities while keeping the software securely in your own hands, for your eyes only. It supports many binary file formats, with no need for the related physical device. We also offer a Firmware Image Check certification.

...

Firmware analysis is a tough challenge with a lot of tasks. Many of these tasks can be completely automated by Firmware Reviewer (either with new approaches or incorporation of existing tools), so that a security analyst can focus on the main task: analyzing the firmware (and finding vulnerabilities).

...

It is available in the Cloud. You can plan your own Tasks by choosing from the 100+ available. For further explanation, please take a look at the FAQ section.

Main Topics

...

Accelerate digital transformation with comprehensive security across your IoT/OT infrastructure. Firmware Reviewer provides a comprehensive REST API interface that can be easily integrated into your Sec/DevOps pipeline:

  • In-depth Firmware analysis, Secured Dashboard, Compliance Reporting and REST APIs

  • Full visibility into assets and risk across your entire IoT/OT environment

  • Continuous monitoring for threats and vulnerabilities, with IoT/OT-aware behavioral analytics and threat intelligence with integrated alerting system

  • Interoperability with SIEM/SOAR and XDR platforms to stop attacks with automated, cross-domain security

...

Firmware Reviewer, in addition to its own engine, makes use of other well-known platforms, like FACT (Firmware Analysis Comparison Tool), Intel ME Analyzer, RedBoot, FirmWalker, Firmware Modification Kit, angr, Radare, Firmware Analysis Tool, Firmadyne, ByteSweep, Karonte, FWAnalyzer, Ghidra, FIT, IoTSecFuzz, EXPLioT, CapStone Framework and Binwalk engines to analyze and compare different versions against vendors' databases, the Karonte Dataset and the Fraunhofer Institute database. Analyses are normalized and correlated, and presented in a single dashboard. This is possible through our Plugin Developer's Toolkit infrastructure.

...

Firmware Reviewer shares the FACT (Firmware Analysis Comparison Tool) architecture, adding a lot of new features (Tasks Plan automation included). Compared with FACT, it is more flexible in hardware configuration, while enhancing performance 12x.

...

  • Back-end Linux Engine. Includes an automated and scalable (and clusterizable) system for performing Emulation and Dynamic Analysis. Backend emulation machine can be detached.

...

  • Database based on scalable MongoDB

...

  • REST API interface. Integration is easy as well since we provide a /wiki/spaces/KC/pages/1406631937 covering almost all features

  • Agent. Optionally used with encrypted firmware and to gain access credentials. Our /wiki/spaces/KC/pages/1455980582 gives the user the ability to make changes to a firmware image without recompiling the firmware sources. It works by extracting the firmware bootloader parts, then extracting the file init system image, and rebuilding the bootloader

  • Plugin Developer's toolkit. It provides a framework for Plugin Development. New Unpackers are implemented as plug-ins, as well as Analysis features and Compare functionalities.

...


  • Alert System. You can send alerts on: Analysis process started, Analysis process terminated, Vulnerability threshold, User's access. Alert platforms: Slack, WebHooks.

...

The OWASP Firmware Security Testing Methodology is composed of nine stages tailored to enable security researchers, software developers, consultants, hobbyists, and Information Security professionals to conduct firmware security assessments. Firmware analysis is a tough challenge with a lot of tasks. Many of these tasks can be automated (either with new approaches or incorporation of existing tools) so that a security analyst can focus on the main task: analyzing the firmware (and finding vulnerabilities). Firmware Reviewer implements this automation, leading to more complete analysis as well as a massive speedup in vulnerability hunting, and is able to assist you during all nine stages:

...

Firmware Reviewer automatically addresses those UK Government Guidelines. However, different parties have published different IoT security guidelines as good practices or baselines, while there is no global standard for IoT device security. As a result, this has created confusion among both vendors and users. They not only do not know which guidelines they should follow or which practices they should apply, but also find a significant number of the practices impractical or irrelevant to their cases.

Unique Features

...

  • Analyze files on multiple different environments in parallel

  • Use any prepared image to detect APTs and harden against evasive malware

  • Unique, Highly configurable Hybrid Analysis Technology that analyzes full process memory

  • Extensive third-party integrations (e.g. IP cross-reference checks, whitelisting)

  • Advanced anti-analysis detection (e.g. action scripts that simulate human behavior)

  • Threat Score (quickly understand the malicious impact of your artifact), in addition to Compliance Standards

  • Compare between different versions

...

Comparison between Versions

The File Compare check is a mechanism to compare a file from a previous run with the file from the current run. It provides more insight into file changes, since it allows comparing two versions of a file rather than comparing only a digest. Last, the Tree Check produces an informational output listing new files, deleted files, and modified files. Firmware Reviewer can compare several images or single files. Furthermore, unpacking, analysis and comparison are based on plug-ins, guaranteeing maximal flexibility and expandability.

...

In many cases you might want to compare firmware samples. For instance, you might want to know if and where a manufacturer fixed an issue in a new firmware version. Or you might want to know if the firmware on your device is the original firmware provided by the manufacturer. If they differ, you want to know which parts have changed for further investigation. Again, Firmware Reviewer is able to automate many of these challenges, such as identifying changed / equal files and identifying changed software versions.
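
The Tree Check and File Compare ideas described above, sketched as an added example (this is not Firmware Reviewer's code or API). It assumes both firmware images are already unpacked into directories; the function names and the two sample trees are constructed for illustration.

```python
import difflib
import hashlib
import tempfile
from pathlib import Path


def digest_tree(root: Path) -> dict[str, str]:
    """Map each regular file's relative path to its SHA-256 digest (symlinks skipped)."""
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file() and not p.is_symlink()}


def tree_check(old_root: Path, new_root: Path) -> dict[str, list[str]]:
    """Tree Check: classify every path as new, deleted, modified or equal."""
    old, new = digest_tree(old_root), digest_tree(new_root)
    common = old.keys() & new.keys()
    return {
        "new": sorted(new.keys() - old.keys()),
        "deleted": sorted(old.keys() - new.keys()),
        "modified": sorted(p for p in common if old[p] != new[p]),
        "equal": sorted(p for p in common if old[p] == new[p]),
    }


def file_compare(old_root: Path, new_root: Path, rel: str) -> list[str]:
    """File Compare: show what changed in a file, not only that its digest differs."""
    a = (old_root / rel).read_text(errors="replace").splitlines()
    b = (new_root / rel).read_text(errors="replace").splitlines()
    return list(difflib.unified_diff(a, b, f"old/{rel}", f"new/{rel}", lineterm=""))


def build_sample(root: Path, files: dict[str, str]) -> Path:
    """Write a constructed sample tree standing in for an unpacked firmware image."""
    for rel, body in files.items():
        (root / rel).parent.mkdir(parents=True, exist_ok=True)
        (root / rel).write_text(body)
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        # Constructed sample data: two versions of a tiny root file system.
        v1 = build_sample(Path(tmp, "v1"), {"etc/passwd": "root:x:0:0\n", "etc/banner": "hi\n", "bin/telnetd": "ELF-old"})
        v2 = build_sample(Path(tmp, "v2"), {"etc/passwd": "root:x:0:0\nsupport:x:0:0\n", "etc/banner": "hi\n", "bin/sshd": "ELF"})
        report = tree_check(v1, v2)
        print(report)
        for rel in report["modified"]:
            print("\n".join(file_compare(v1, v2, rel)))
```

In the sample, the digest comparison only reports that etc/passwd changed; the line diff shows that a second UID 0 account was added, which is the detail a reviewer needs when checking a device image against the vendor's original.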

...

DISCLAIMER: Firmware Reviewer never operates on physical devices. Security Reviewer declines all responsibility deriving from inappropriate use of Firmware Reviewer software.

COPYRIGHT (C) 2014-2022 SECURITY REVIEWER SRL. ALL RIGHTS RESERVED.