v3.0

​

Hero Features

• Important Findings - Immediately see the findings with elevated risk that we believe should be actioned immediately or create your own priority views that you can quickly jump back into.
• Exploitation Maturity Scoring - EMS leverages real-time exploitation signals to provide a weighted linear scoring approach. Developed completely in-house, the EMS is designed not to predict the future, but to measure the present by using real-world signal. You can learn more about the EMS here.
• Threat Intelligence Monitoring - Threat intelligence monitoring leverages feeds from our internal vulnerability database as well as external sources such as NVD, EPSS, and CISA. It combines these threat feeds with other information, including our own Exploitation Maturity Scoring EMS, to surface high-risk findings. By tracking escalations and trends, the system provides real-time visibility into evolving and emerging threats within the binaries assessed and managed through the Platform.

​

Features

• Global Search - Explore the power of refined search capabilities to uncover detailed information about sophisticated threats like CosmicStrand or a specific CVE for example. Navigate seamlessly through intuitive interfaces to access critical findings and enhance your cybersecurity strategy. Get the details for any keys or certificates (vulnerable and non-vulnerable) in an image and download them.
• Auto-Advisories and VEX - When you discover a new unknown vulnerability with the Binarly platform, automatically generate an actionable advisory that can be shared with your vendor. For known vulnerabilities, create VEX files to communicate them across your supply chain.
• Reporting updates: PQC Compliance and CSV export - Save any grid view in CSV format so you can share it and load it into your favorite spreadsheet program for further analysis. Also, new Post-Quantum Compliance Reports are now available to map to NIST IR 8547 and provide visibility into Post-Quantum supply chain resilience.

​

Binarly Analysis Engine

• Added compiler information - Extended detection of compilers.
• Cryptographic Materials - Enhanced cryptographic artifact extraction.
• Unknown Vulnerabilities - Expanded capabilities to detect new classes of vulnerabilities including improper input validation, import handling, abnormal PE parsing, and microcode issues in UEFI-based firmware.
• Secrets - Increased accuracy and enhanced scanning capabilities.
• Code Analysis - Enhancements in pseudocode and decompilation processes to strengthen code analysis capabilities.