- October 19, 2021
- Posted by: Antreas Fanides
- Categories:
Our company in collaboration with the company Silensec created a product/ tool which co-funded by the Ministry of Energy commerce and industry.
This tool with the name ”BinVulnAnalysis”, is software that automates the program analysis process, a means of reverse code engineering, which can produce the most accurate results in detecting vulnerabilities. This product has the ability to analyze the software that runs on various operating systems such as Windows, Linux, Android, Unix, iOS, and OS X and on various processor platforms such as Intel and ARM. The purpose of this project is to significantly increase the ability to detect problems, minimize the time to find them, and reduce software production costs.
There is no requirement from the manufacturer to submit any intellectual data or corporate secrets such as manuals of protocols and source code. The submitter is analyzed by the BinVulnAnalysis program and you produce a report containing the list of weaknesses of this software that can be corrected by the producer.
“BinVulnAnalysis” splits into three main pieces, software file loading, code disassembly, and trouble detection. These pieces will consist of a number of subunits that are responsible for identifying and analyzing various platforms. Based on these and some other processes, you build a database, which you use from problem detection sub-units to identify the potential code streams that make the program vulnerable to attacks.
The report produced by the product contains the list of problems identified, their address in the code, and the dangerous flows that result in these addresses. The client will be able to separately, add the program symbol database and retrieve detailed information about the points in the code that he needs to repair.
The advantages of this innovative product over previous automation processes and software, have to do with the significant reduction of the cost and time required to complete the analysis. Compared to black-box testing methods, BinVulnAnalysis is able to detect more problems in a shorter period of time. In white-box testing methods, “BinVulnAnalysis” provides more speed than manual analyses and can detect problems that occur after dubbing of the program.
The product brings a significant change in the way programs for security weaknesses are analyzed at a large level. It helps to shield software by protecting various systems such as infrastructure, personal data storage, banking, military, etc. from malicious attacks. In the future, the product can also be integrated into network security products by producing attack detection lists on programs and services offered by an organization.
You can try our product by following the below link, or you can send us an email to info@acgoldman.com info@acgoldman.com for more details.