Firmalyzer launched IoTVAS to fill a crucial gap in the existing asset and vulnerability management solutions by accurate device discovery and risk assessment

Share Article

Firmalyzer, a cyber security firm launched IoTVAS to fill a crucial gap in the existing asset and vulnerability management solutions by accurate IoT or connected device discovery and risk assessment deep inside the device firmware.

IoTVAS Dashboard

IoTVAS Dashboard

Whether you utilise the asset and vulnerability management solutions for your internal network or provide managed security services or IT auditing for your customers, IoTVAS can be one of your key assets to deliver far superior results.

Firmalyzer, a cyber security firm, has recently announced the launch of IoTVAS, an IoT/connected devices asset discovery and vulnerability assessment solution. IoTVAS extends the reach of the enterprises vulnerability management programs to the IoT/connected devices. It can integrate with their existing IT asset management and vulnerability assessment solution, providing accurate device discovery and real-time vulnerability assessment at the firmware code level without requiring network traffic collection or installation of software agents on devices. This allows them to get the most of the existing security tools and proactively find high risk connected devices.

IoTVAS not only helps companies see the devices that they cannot always see and protect them, but also enables them to detect device firmware vulnerabilities. 80 percent of enterprises have experienced at least one firmware attack in the past two years, according to a report by Microsoft published earlier this year.

IoTVAS detects a wide range of enterprise connected devices with more than 50,000 device fingerprints in the absence of their MAC addresses. More importantly, it utilizes Firmalyzer’s proprietary firmware vulnerability knowledge base to accurately report vulnerabilities including vulnerable 3rd-party components, configurations issues, insecure and weak keys, expired and weak certificates, as well as the default accounts. Detecting end-of-life devices and devices running outdated firmware versions are other key advantages of IoTVAS.

“IoTVAS is not released to replace the existing solutions or exhaust users with another dashboard, it is created to complement them in the most efficient way and that is why we put our focus on the API offering and integrations with the other security solutions, although we also have a SaaS offering for those who prefer that.” said Zahra Khani, co-founder and CEO of Firmalyzer. “Whether you utilise the asset and vulnerability management solutions for your internal network or provide managed security services or IT auditing for your customers, IoTVAS can be one of your key assets to deliver far superior results.”

The company currently developed a NSE module for Nmap that turns the Nmap port scanner to an IoT/connected device discovery and real-time risk assessment tool. A sample application that demonstrates integrating IoTVAS API with the Rapid7 InsightVM platform is also developed and the plan is to integrate it with the other IT asset management and vulnerability management products.

About Firmalyzer:
Firmalyzer is specialized in providing security solutions for OT, IoT and connected devices. The company is the provider of the first automated firmware security analysis solution in the market. Firmalyzer's founding team members expertise in security assessment and vulnerability research on enterprise OT/IoT/connected devices and communication protocols lays the foundation of their solutions and services. The company provides tailored solutions to solve challenges faced by cyber security service providers, IoT/connected device manufacturers and their customers in managing OT/IoT/Connected devices risk. For more information please visit: http://www.firmalyzer.com.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Zahra Khani
Firmalyzer
+32 3228923951
Email >
@firmalyzer
since: 03/2016
Follow >
Visit website