Product Security Assessments

Elevate your quality assurance program to the next level

Leverage our team of cyber security experts

Whether you’re a device manufacturer with a QA / QC team, or an organization down the supply chain with a product security team, you want to cover all your security bases.

A product security assessment using ReFirm Labs’ Centrifuge Platform provides your product the best-in-class level of firmware security it deserves.

Penetration testing is no longer sufficient

Here’s why…

  • Traditional penetration testing of a device only gives a view of one potential attack vector.
  • Firmware is the new, emerging attack vector favored by hackers and nation-states.
  • Backdoors with remote persistent access will never be discovered by penetration testing. ReFirm Labs’ Centrifuge Platform discovers these hidden attack vectors. It’s like a CT Scan for your firmware image.
  • It provides a deep-dive look into the firmware security without the need for source code or software agents.

Ready to save time, save money, and ship securely?

Here’s how…

If you’re one of the lucky few to have a firmware security expert on your team, chances are they use Binwalk for firmware extraction. Once extracted, they will use a variety of tools and scripts to begin their lengthy analysis to find vulnerabilities that may or may not be a threat.

The Centrifuge Platform automates the discovery process – for one team it replaced a 30-step manual process, generating a detailed security audit in under 1 hour. The Centrifuge Platform:

 

  • delivers you actionable results, faster, and at lower cost
  • provides you a rich set of security details – we eliminate useless details that can be a time-sink for teams and frees up your expensive security engineers to focus on higher priority tasks

How ReFirm Labs and the Centrifuge Platform stack up to the competition

It’s well known that traditional source code and binary static analysis tools have a reputation for generating tons of false positives – overwhelming developers, vendors, and security engineers.

The ReFirm Labs patent-pending methodology combines a unique static and dynamic analysis pipeline to identify only those pieces of code that actually generate controllable faults or command injections – reducing the universe of potential exploits and 0-days by an order of magnitude… which means precise, actionable results you can actually address.

Firm up the Firmware

Whether it’s backdoor accounts, weak passwords, out-of-date and vulnerable software components, or potential 0-days, the Centrifuge Platform delivers detailed remediation recommendations to guide your developers and suppliers on how to make the firmware meet your security policy.

Centrifuge provides on-going firmware security monitoring to keep your products secure for the duration of their lives.

No installed agents required.

Contact us to schedule a consultation and firm up your firmware.