Abstract: Provided are methods and systems for evaluating security of firmware. An example method may include acquiring a firmware image of firmware associated with at least one computing device. The method may include extracting at least one component of the firmware image. The method may include analyzing the component to detect at least one vulnerability of the firmware. The method may also include estimating, based on the at least one vulnerability, a security risk level of the firmware. The method may further include providing a report regarding the security risk level and the at least one vulnerability of the firmware. The analysis may include determining that the component matches a specific file or contains a specific string or a specific pattern. The analysis may include detection of a cryptographic key or password hash in the component and determining a level of weakness of the password hash.

Abstract: Continuous monitoring for detecting firmware threats is provided herein. An example system includes a processing pipeline that receives a firmware image from an entity, an extractor that receives the firmware image through the processing pipeline, the extractor being configured to determine and extract files within the firmware image, a task queue that receives the extracted files and one or more analyzers that: obtain the files from the task queue; and perform at least one type of vulnerability analysis on the files. The system includes a database that stores a log of the at least one type of vulnerability analysis, the log being associated with any of the firmware image and a device identifier of the device.

Abstract: Provided are methods and systems for evaluating security of firmware. An example method may include acquiring a firmware image of firmware associated with at least one computing device. The method may include extracting at least one component of the firmware image. The method may include analyzing the component to detect at least one vulnerability of the firmware. The method may also include estimating, based on the at least one vulnerability, a security risk level of the firmware. The method may further include providing a report regarding the security risk level and the at least one vulnerability of the firmware. The analysis may include determining that the component matches a specific file or contains a specific string or a specific pattern. The analysis may include detection of a cryptographic key or password hash in the component and determining a level of weakness of the password hash.

Abstract: Continuous monitoring for detecting firmware threats is provided herein. An example system includes a processing pipeline that receives a firmware image from an entity, an extractor that receives the firmware image through the processing pipeline, the extractor being configured to determine and extract files within the firmware image, a task queue that receives the extracted files and one or more analyzers that: obtain the files from the task queue; and perform at least one type of vulnerability analysis on the files. The system includes a database that stores a log of the at least one type of vulnerability analysis, the log being associated with any of the firmware image and a device identifier of the device.