Cyber Supply Chain Risk Management

Cyber Supply Chain Risks

Firmware security experts increasingly view the cyber supply chain as a risk to product security.

Ask yourself these basic questions:

  • Am I certain intentional backdoors or malware do not exist in the components provided by my vendors?
  • How do I verify whether modifications were made to the firmware before it was delivered and installed?
  • What vulnerabilities could my suppliers' use of insecure code introduce that will be found and exploited in the future?

The ReFirm Labs Centrifuge Platform provides a clear view of cyber supply chain risk. It is like a CT scan, providing a detailed look inside supply chain security.

No Source Code? No Problem!

Firmware images and libraries delivered to you as binaries, without access to source code, do not have to be risky black boxes.

By using the Centrifuge Platform, you leverage our industry-standard Binwalk to unpack and extract the filesystems from your firmware.

The automated analysis engines identify for you:

  • backdoor accounts
  • weak passwords
  • out-of-date and vulnerable software components
  • potential 0-days

All without you needing source code or installing embedded software agents!

Software Bill of Materials (SBOM)

Forrest Gump said it best, “Life is like a box of chocolates. You never know what you’re gonna get.”

But with ReFirm Labs’ software bill of materials, you will know exactly what you’re gonna get inside a firmware image!

Now you can stay one step ahead as regulations and security-conscious customers begin to require vendors to disclose their SBOM for new equipment.

Ongoing monitoring

Receive alerts in near real-time about new threats impacting your devices.

Did you know it takes only 3 days to exploit your device once a vulnerability is discovered?

Imagine knowing immediately whether a newly discovered threat will impact your products.

The Centrifuge Guardian is your real-time warning system.

Just like a weather alert warns you of a potential storm, Centrifuge Guardian warns you of a potential exploit before it happens.

Exploits & Malware Lurking in your Firmware?

A chain is only as strong as its weakest link.

Your IoT devices are probably composed of many different components from your supply chain.

Therefore, a vulnerability in just one component from your supply chain may be present in multiple products you make!

If you use the Security Checklist feature, you can identify known malware and exploit threats lurking in your products that you didn’t know were there!