Monday, November 28 2022

Binarly Inc., a cybersecurity company building technology to address repeatable security failures in the firmware supply chain, today announced $3.6 million in seed funding from WestWave Capital and Acrobator Ventures. Prominent cybersecurity leaders Michael Sutton, Thomas ‘Halvar Flake’ Dullien, Jamie Butler, Ryan Permeh, Bryson Bort, Pedram Amini, Chris Ueland and David Mandel from Emerging Ventures also joined as investors.

Binarly is co-founded by security pioneers Alex Matrosov and Claudiu Teodorescu, who previously worked on hardware and software security at NVIDIA, Intel Corp., ESET, BlackBerry, Cylance and FireEye. Matrosov, a highly regarded researcher who is regularly credited with major vulnerability discoveries, is co-author of Rootkits and Bootkits, a seminal book that explains how to understand and counter sophisticated, advanced threats buried deep in a machine’s boot process or UEFI firmware.

Binarly has built a SaaS platform for analyzing, understanding and responding to silent, currently undetectable security threats at the firmware layer. Using a combination of machine learning and deep code inspection at the binary level, Binarly enables security teams to have real visibility into hardware and firmware failures and a simple way to recover from sophisticated attacks below the operating system.

Binarly also developed its own technology for vulnerability management and protecting the firmware supply chain from repeatable failures. The company’s approach uses semantic properties of the binary code to improve detection accuracy by limiting the number of false positives.

So far this year, Binarly has coordinated the disclosure of 107 critical firmware security vulnerabilities affecting the entire enterprise device ecosystem. The company worked with security response teams at Insyde, AMI, Lenovo, Dell, HP, HPE, Siemens, Fujitsu, Atos, Intel, AMD and many other vendors to mitigate high-impact security issues across the computing landscape. Many of these vulnerabilities demonstrate the complexities of the firmware supply chain that negatively disrupt the timeline for patch delivery and identification of impacted parties.

“The current approach in the industry is to detect risks related to the firmware by leveraging the current version number of the firmware update against a public database of vulnerabilities and threats. This leads to firmware supply chain failures because known vulnerabilities that are not associated with a certain version number of a firmware release will not be detected thus keeping the ‘doors’ open for an attacker,” Matrosov said.

“Assessing the impact of a known firmware based vulnerability in a customer environment, at scale, is a problem without a viable solution. We have developed the FwHunt technology that adds semantic context around a known vulnerability to ensure detection while reducing false positives,” Teodorescu said.

Binarly plans to use the investment to speed up research and development initiatives, expand its world-class engineering team, and scale enterprise and device manufacturer adoption of its technologies.

Quotes from investors:

“We are excited to invest in founders Alex and Claudiu at Binarly. We have immense respect for their deep technical expertise and understanding of the firmware security market. We recognize that there are significant exposure issues in addressing firmware security vulnerabilities and we have strong conviction that Binarly will mitigate those concerns – both immediate and in the long term.” – Warren “Bunny” Weiss, Managing Partner, WestWave Capital.

“CISOs from critical infrastructure companies, hyperscalers, and cybersecurity experts rate firmware security as a top-three priority. In a world where IoT, edge devices and the mere size of firmware on devices significantly increases, it’s a matter of ‘when’ not ‘if’ new dominant security solutions are adopted. Why Binarly? They’ve got the best-in-class team discovering vulnerabilities no one else has found and managed to surround themselves with incredible experts.” – Mike Reiner, General Partner, Acrobator Ventures.

“It’s no secret that firmware security presents a growing challenge that needs to be solved. For far too long, hardware manufacturers have relied on security through obscurity and we’re now paying the price as attackers identify and exploit flaws that impact thousands of devices across the globe. Blindly trusting hardware manufacturers is a recipe for disaster. The Binarly team has the expertise and vision to finally execute on delivering a scalable solution to get this problem under control.” – Michael Sutton, Managing Partner, Stonemill Ventures.

Alex Matrosov, founder and CEO of Binarly
Previous

Allied Universal Acquires Three Companies

Next

Cyber Deals: HUB Security, Cyberint, MetaCompliance

Check Also

Widget

Don’t Miss

Cyber Deals: Spin Technology, CyberArk, Mesh Security

James Hu

Cybersecurity Venture Funding and Mergers: This week’s deals involved cloud security services, data privacy, and industrial cybersecurity companies. Funding Cloud cybersecurity firm Mesh Security has secured $4.5 million in venture funding. The round was led by Booster Ventures with participation from other investors. Spin Technology, a firm providing SaaS security solutions, raised $16 million in […]

Cyber Deals: Cybrary, Ping Identity, Axio Global

James Hu

Cybersecurity Venture Funding and Mergers: Key investments were made in cybersecurity training, secure enterprise browser, and risk management companies. M&A activity this week involved identity security, zero trust, and threat intelligence firms. Funding Cybrary, a cybersecurity training platform, raised $25 million in a Series C funding round. The round was led by BuildGroup and Gula […]

Cybrary Secures $25 Million in Series C Funding Round

James Hu

Cybrary, a Maryland-based cybersecurity training platform provider, raised $25 million in a Series C funding round. The round was led by BuildGroup and Gula Tech Adventures, two of its current investors. Following its $15 million Series B round announced in November 2019, this latest investment brings Cybrary’s total funding to date to $48 million. Cybrary […]

Cyber Deals: Exterro, Naoris Protocol, Cybit Sec

James Hu

Cybersecurity Venture Funding and Mergers: This week, notable funding and M&A activity involved compliance, enterprise security, and vulnerability assessment firms. Funding Exterro, a legal governance, risk, and compliance software provider, completed a strategic recapitalization valuing the firm at over $1 billion. The company, currently owned by Leeds Equity Partners, is targeting a potential 2023 initial […]

Cyber Deals: Halborn, Irideos, Anvilogic

James Hu

Cybersecurity Venture Funding and Mergers: This week, cybersecurity venture funding and M&A activity involved blockchain, artificial Intelligence, and SaaS solution providers. Many of these deals will also be funding the future of cloud security. Funding Halborn, a blockchain cybersecurity firm, raised $90 million in a Series A funding round led by Summit Partners with participation […]

Huntress acquires Curricula for $22 million

James Hu

Huntress, a cybersecurity firm providing a security management platform to small and medium sized businesses, has acquired Curricula, a security awareness training service provider, for $22 million. Curricula is a freemium SaaS company offering solutions for employee cybersecurity training. Their methods incorporate behavioral learning techniques and engaging storytelling to maximize employee engagement. Small and medium […]