Firmware Supply Chain Company Binarly Raises $3.6 Million from Westwave Capital, Acrobator Ventures
June 22, 2022 - Binarly Team

Figure1

Every startup, like a story, has its own beginning. Binarly started with a simple idea to gain more visibility into firmware through binary code analysis and change the cybersecurity industry’s approach to managing the firmware threat landscape.

Existing security technologies are blind to dangerous attacks happening below the operating system. Malware implants remain invisible for many years due to limitations of current security solutions to firmware and hardware threats. Examples like the ESPecter APT actor show at least eight years of remaining undetected by existing security solutions. The Moonbounce implant is another example where the attackers maintained stealthiness below the operating system for more than seven years. And of course the Hacking Team Vector-EDK based implants remained invisible for many years even after the public leak happened (e.g., MosaicRegressor).

Observing these repeatable failures in threat detection and the firmware supply chain, the Binarly team’s mission is to develop true next-generation solutions to solve firmware security problems, at scale, for the entire industry. Binarly’s technology is solving firmware security issues by applying deepcode inspection and machine learning technologies below the OS.

The current industry approach to device and Firmware Security is Integrity Monitoring of the boot process and firmware storage, but integrity failures have limited context and don’t answer the most important question for incident response: what happened? This approach is a baseline solution to notice malicious firmware changes based on integrity failures but does not provide any insights to security teams about the root cause of the problem that triggered the failure.

We have created a cybersecurity company with a mission to solve hard technical problems by leveraging the benefits of program analysis and machine learning and projecting this knowledge into the firmware security space.

When we left Nvidia and BlackBerry in the spring of 2021, we knew we needed to solve the problem for the entire industry, not just one company. This directly influenced our motto: provide an advanced analytics platform to enhance visibility into the firmware supply chain. Binarly’s technology allows security teams to have more visibility into firmware failures by leveraging deep code inspection technology at the binary level to power machine learning models and create actionable insights.

Binarly is co-founded by security pioneers Alex Matrosov and Claudiu Teodorescu, who previously worked on hardware and software security at NVIDIA, Intel Corp., ESET, BlackBerry, Cylance and FireEye. Matrosov, a highly regarded researcher who is regularly credited with major vulnerability discoveries, is co-author of Rootkits and Bootkits, a seminal book that explains how to understand and counter sophisticated, advanced threats buried deep in a machine’s boot process or UEFI firmware.

Figure2

With the help of our brilliant development and research teams, we have built a unique technology stack that helps enterprises solve firmware supply chain failures by combining expertise from multiple areas such as program analysis, vulnerability research, digital forensics, threat hunting, machine learning, and cloud engineering.

In addition Binarly is fortunate to be advised by world-renowned cybersecurity entrepreneurs and industry experts who are interested in addressing firmware supply chain problems at scale.

Because of our initial connection to the technology and science ecosystem within CalTech, Binarly was founded in Pasadena, Southern California. Binarly's team is driven by a unique combination of science and technology that leads to industry innovations.

Figure3

Today marks an important milestone in our company’s story. Binarly has raised $3.6 Million from Westwave Capital and Acrobator Ventures. Additionally, prominent cybersecurity leaders Michael Sutton, Thomas 'Halvar Flake' Dullien, Jamie Butler, Ryan Permeh, Bryson Bort, Pedram Amini, Chris Ueland and David Mandel from Emerging Ventures also joined as investors.

Here’s a word from our investors:

“It’s no secret that firmware security presents a growing challenge that needs to be solved, but it's one that's inherently challenging given the heterogeneous nature of the firmware market. For far too long, hardware manufacturers have relied on security through obscurity and we’re now paying the price as attackers identify and exploit flaws that impact thousands of devices across the globe. We cannot ignore this challenge any longer. We need security solutions able to continually analyze firmware regardless of source. Blindly trusting hardware manufacturers is a recipe for disaster. The Binarly team has the expertise and vision to finally execute on delivering a scalable solution to get this problem under control.” Michael Sutton, Managing Partner, Stonemill Ventures

A pre-seed round from cybersecurity veterans helped us greatly in our initial journey from an idea to the Minimum Valuable Product (MVP) and eventually to the Binarly Platform. But with the help of institutional investors, we have reached our next milestone which opens a new chapter in Binarly's history. We plan to use the investment to speed up research and development initiatives, expand our world-class engineering team, and scale enterprise and device manufacturer adoption of our technologies.

Binary team is innovating the industry by adoption of next-generation technologies to enhance visibility into the firmware supply chain.

Figure4