ObjectSecurity BinLens2024-11-18T14:35:40-08:00

 ObjectSecurity BinLens™

Automated Binary Vulnerability Analysis

Effortlessly uncover zero-day vulnerabilities in binaries with cutting-edge accuracy and minimal false positives.

Why?

Conventional cybersecurity approaches are insufficient to protect today’s IT/OT/ICS software and devices. SBOM generation is limited to detecting only known vulnerabilities in published software. Source code analysis and static application security testing (SAST) produce too many false-positives, slowing down remediation. Network scanning fails in cases where devices are not connected to the network.

The solution? Automated binary reverse engineering and analysis. Here’s why:

    No access to source code? No problem.
    SBOMs only catch known vulnerabilities.
    Network scans miss a significant chunk of OT/ICS devices.
    20-70% of OT/ICS assets are end-of-life and no longer receive security patches.
    Proprietary systems often hide unpublished vulnerabilities.
    Skilled reverse engineers are rare and costly.
    Manual reverse engineering is slow and inefficient.
    SAST tools overwhelm with false positives.

    BinLens™   –  Automate. Detect. Secure.

    Unlock deeper security insights with BinLens™— your all-in-one solution for advanced binary analysis. BinLens™ (formerly ObjectSecurity OT.AI Platform) uses an integrated approach, combining multiple techniques to uncover potential zero-days with unmatched precision.

    Powered by automated symbolic execution, it excels at detecting memory-safety violations and other undefined behaviors in binary programs, delivering a dramatically lower false-positive rate than competing tools.

    BinLens™ automates key manual reverse engineering tasks like static analysis, disassembly, and decompilation. Unlike traditional tools, it doesn’t rely solely on known vulnerabilities and offers flexible deployment—on-premises/offline or in the cloud.

    Weak Pointers

    manipulate pointers, detect memory vulnerabilities

    Stack Overflows

    detect unsafe writes to the stack frame

    Heap Overflows

    detect unsafe writes to dynamically allocated memory

    User Controlled Program Redirection

    detect user-controlled instruction pointers, arbitrary code execution

    Externally Controlled String Violations

    detect unsafe use of the printf family, output vital program data

    Out-of-Bound Array Index

    detect out-of-bounds writes, data corruption

    Cryptographic Issues

    encryption schemes, embedded keys, entropy

    18,000 CVEs

    focused on known OT/ICS binary vulnerabilities

    ~140 CWEs

    detected across 30 CPU architectures

    Compliance Frameworks

    including NIST 800 and ISA/IEC 62443

    Dangerous Functions

    find 100’s of exploitable functions

    Who Benefits from BinLens™?

    Red Teams, Reverse Engineers, Threat Hunters, and Vulnerability Researchers

    Speed up your manual reverse engineering workflow. Dive deeper into binaries and firmware using advanced automated analyses that are too unwieldy, expensive, and slow to perform manually.

    DevSecOps Engineers, Product Security, QA Testers, and Software Developers

    Detect vulnerabilities that source code analysis and SAST miss. Integrate into your DevSecOps pipeline via OpenAPI.

    Operators, Buyers/Procurement

    Reduce supply chain risks in your IT/OT/ICS environment. Require analysis in RFPs. Analyze during deployment and patching to ensure no vulnerabilities are introduced. Scan legacy devices to ensure they are safe, even if the manufacturer won’t.

    BinLens™: New Name, Upgraded Power — Same Mission to Protect.

    Launched Nov 15, 2024, BinLens™ 3.0 is a bold evolution from ObjectSecurity OT.AI Platform™ 2.x.
    With a sharper focus and enhanced capabilities, it’s your ultimate solution
    for advanced binary analysis and vulnerability detection.

     

    Go to Top