v3.6

​

Hero Features

• Findings Scope
  • Focus on the most relevant issues on a per-product basis with comprehensive scoping filters.
  • Scope filters allow tailoring the findings view to match each product’s specific requirements.
  • Filters apply to the dashboard, findings grid, charts, and exports.
• Python package and source code analysis support
  • PQC and CBoM: identification of cryptographic algorithms and libraries
  • Extends our existing capabilities for cryptographic inventory analysis to the Python ecosystem
• Filter by CVSS Vector elements
  • Findings Grid is now able to filter by all CVSS Vector elements
  • Integration with saved views and column management
  • Default filter is the CVSSv3 Base Score and Attack Vector

​

Features

• Binarly Knowledge Center Integration
  • Access to the Binarly Knowledge Center directly from the Binarly Platform UI
  • Guides, tutorials, and best practices for using the Binarly Platform
  • Integration
    • SaaS: available by default
    • On-prem: available but needs to be enabled server-side
• Scan partitioning (50 MB partitions)
  • Small images are unaffected
  • Large images see 20 - 50% performance improvement, depending on size and component makeup
  • Computation of scans is now parallelised across many nodes

​

Binarly Analysis Engine

• New Platforms/Formats
  • Support for disk images in various formats (raw, VHD, VHDX, QCOW2, VMDK)
  • Support for Python packages, source code, and byte code, with installation and source provenance
• Vulnerability Database Service
  • Improvements and fixes for cisa-kev, metasploit, and nuclei sources
  • Performance and stability improvements including faster Ubuntu OVAL updates and git repository synchronization
• New Features
  • Known vulnerability detection:
    • New rule primitives for control-flow analysis and IR matching
    • Improved decompilation matching via constraints
    • Documentation additions and improvements in preparation for VulHunt community edition release at RE//verse
  • Cryptographic assets/algorithms:
    • Cryptographic algorithm identification for Python packages and source code:
    • Support for major libraries, including: stdlib, cryptography, m2crypto, pycryptodome, pynacl, and pyopenssl
    • CBoM generation support
  • Additional cryptographic algorithm coverage for the Java ecosystem
  • Support for estimated EPSS (E-EPSS) for cryptographic weaknesses, Secure Boot bypasses, use of leaked keys, and incorrectly implemented or missing RSB stuffing
• New Context-Aware Rule Detection (VulHunt, FwHunt, YARA)
  • VulHunt detection(s) for:
    • CVE-2024-12084 (POSIX)
• Analysis Framework Enhancements
  • Support for analyzing and creating partitioned analysis archives for improved scan performance and resource utilization
  • Support for inter-tool property communication, so that analysis tools in the scan pipeline can transmit properties to each other, allowing, e.g., to derive inter-component reachability or to model the effect of hardening features on a finding’s severity
  • Improved analysis of binaries compiled with Pointer Authentication Code (PAC)
  • Improved handling of padding bytes when performing disassembly
  • Improved compiler identification in POSIX/UEFI binaries, including fixes for clang-compiled UEFI modules and enhanced rustc detection
  • Improved type system support for incomplete arrays and flex array members
  • Stricter ARM alignment checks during CFG construction, reducing false positives and improving coverage
  • Improved support for cryptographic keys extraction
  • 7-15% performance improvement for cryptographic algorithm identification for Java ecosystem
  • Improved memory utilization during analysis archive creation (input extraction and normalisation)
  • Updated reporting APIs to enable package-level properties
  • Fixes for analysis of standalone UEFI modules in FwHunt rule engine
  • Fixes for RSB stuffing checker