Product Blog

The latest release of the Binarly Transparency Platform (version 3.5) introduces several new features designed to help organizations strengthen and secure software supply chains. One key enhancement is the integration and full support of YARA, the de facto standard widely used for malware detection, threat hunting, and digital forensics.

Cryptographic algorithms protect critical properties of modern software. With the potential danger posed by the advent of quantum computers, it has become more important for companies to identify which algorithms are present in the systems they use or ship to customers.While mature algorithm usage detection solutions for languages which target the JVM are readily found when working at the source code level (e.g. CodeQL, Semgrep), solutions working at the bytecode level are less prevalent, outdated, or do not provide comprehensive coverage.

Software mitigations play a critical role in the quest to secure the digital world. Shortly after the discovery and the rise of buffer overflows in the 90s, mitigations were introduced in the software ecosystem and eventually made their way into virtually any piece of software we run on our devices: from browsers to web servers, from OS kernels to userspace applications. Mitigations are typically designed to address one or more classes of vulnerabilities, making their exploitation more difficult. For example, while exploiting a stack overflow without any deployed mitigation is straightforward, the presence of properly implemented stack canaries requires chaining additional vulnerabilities or leveraging more complex techniques to bypass this protection. 

The accidental leakage of sensitive information like API keys and passwords, commonly from container images, poses significant risks, requiring thorough scanning to prevent exposure. Challenges in secret detection include managing diverse secret formats, minimizing false positives, and ensuring high performance to avoid CI/CD delays.

Binarly’s reachability analysis cuts through alert fatigue by identifying which vulnerabilities are actually exploitable. By focusing on real execution paths and environment context, it helps teams prioritize what truly matters and ignore the noise.

The latest release of the Binarly Transparency Platform introduces powerful new capabilities that bring clarity to the chaos of vulnerability management and software supply chain security. This update is purpose-built to help enterprise defenders to prioritize what truly matters and to surface the vulnerabilities that pose real, immediate security risk. 

In April 2025, Gartner released its Market Guide for Software Supply Chain Security (SSCS), highlighting three core objectives for enterprise CISOs (Chief Information Security Officers) and cybersecurity leaders to prioritize:

The all-new Binarly Transparency Platform v2.8 represents a pivotal leap forward in our engineering and product development processes as we shift to a more agile, monthly release cadence. This latest release introduces advanced image diffing, refined role-based access control (RBAC), and enhanced vulnerability detection capabilities, marking a significant step forward in the cybersecurity landscape.

New cryptographic reachability and PQC compliance features position forward-looking organizations to meet evolving NIST standards with confidence.

Binarly releases Binary Risk Hunt, a free vulnerability scanner with software bill of material generator.