Device manufacturers, operators, and auditors alike need proof of both the legitimacy of the firmware—who it is made by and whether it is out of date—as well as what’s inside of the firmware, such as the presence of vulnerabilities.
FULTON, Md. and NANAIMO, British Columbia (PRWEB) September 03, 2020
ReFirm Labs, a provider of the industry’s first proactive IoT and firmware security solutions, and aDolus Technology Inc., a global authority on software intelligence for critical infrastructure, today announced an integration partnership to improve the security and integrity of firmware that runs IoT devices for customers and their supply chains in regulated and critical industries.
The aDolus FACT™ platform provides a central, authoritative source of truth about the authenticity of firmware to help operators of Industrial Control Systems (ICS) validate the origins and integrity of firmware before installing it on their equipment. FACT aggregates information about firmware and software from many sources to provide an easy-to-use "FACT Score" for a file's trustworthiness.
ReFirm Labs’ Centrifuge is a cloud-based, highly scalable platform that vets, validates, and continuously monitors the security of firmware to protect against emerging cyber threats while enabling automated compliance reporting. Centrifuge has been proven to increase productivity for security teams while reducing the number of breaches on internet-connected devices.
With the addition of data from ReFirm Labs’ Centrifuge to FACT, the combined solution provides deeper insights into the security of the firmware image before it is deployed. Together, ReFirm Labs and aDolus support a broader set of compliance efforts to meet emerging IoT security and privacy standards and regulations in a number of industries, such as NERC CIP-013 in the power industry.
“ICS supply chain attacks are on the rise. Criminal groups and hostile governments have started to exploit vulnerabilities in firmware. They are developing and distributing counterfeit software and firmware for embedded systems and just one bad file can open the door to everything in your system,” said Eric Byres, CEO of aDolus. “The consequences of these attacks can be devastating, putting company secrets, operations, and teams at risk. Together with ReFirm Labs we can offer a comprehensive solution to the market.”
ICS operators in the energy, manufacturing, medical, and aerospace sectors need to trust that the firmware that runs their interconnected IoT devices is valid, authentic, and secure for system implementation and upgrades. ICS vendors need to offer their customers independent validation that the firmware they distribute is safe to use.
The integrated solution has already been deployed for a major device manufacturer in the energy sector, that is using the integrated telemetry to achieve a first-level security assessment as well as to monitor the integrity of its firmware.
“Device manufacturers, operators, and auditors alike need proof of both the legitimacy of the firmware—who it is made by and whether it is out of date—as well as what’s inside of the firmware, such as the presence of vulnerabilities. Given the threat landscape, we are very pleased to be partnered with aDolus to provide our customers a more complete solution for addressing IoT security and compliance demands,” said Derick Naef, CEO of ReFirm Labs.
About aDolus Inc.
aDolus provides an ecosystem called FACT (Framework for Analysis and Coordinated Trust) for brokering information about IoT and Industrial IoT software. FACT helps facilities determine if updates are safe to install on mission-critical devices. FACT aggregates information from vendors, asset owners, system integrators, consultants, and security researchers, and applies decades of security expertise to build a “FACT score” of trustworthiness. Much like a FICO credit score, FACT makes it quick and easy to make installation decisions, enforce policies, and ensure governance of security processes via an audit trail. Visit us at http://www.adolus.com or for access to the free version of FACT platform, visit https://adol.us/quickscan.
About ReFirm Labs
ReFirm Labs provides the industry's first IoT and firmware security solutions that proactively vet, validate and continuously monitor IoT devices from hidden threats. Its flagship product, Centrifuge Platform®, detects and reports potential zero-day vulnerabilities, hidden crypto keys, backdoor passwords and known vulnerabilities in IoT devices without needing access to source code. ReFirm Labs' technology has been proven to provide the insight and intelligence needed for users to proactively defend connected devices and maintain compliance and the integrity of supply chain security. Founded by a team of former NSA offensive cyber operators, ReFirm Labs is trusted by government agencies and Fortune 500 companies that operate in a wide variety of industries, including: telecommunications, cloud infrastructure and data centers, automotive, health care, utilities, and manufacturing. For more information, visit https://www.refirmlabs.com or follow on Twitter @ReFirmLabs.