FIRMWARE + APPLICATION
— SOFTWARE SECURITY ANALYSIS —


Harbor Labs has provided static and dynamic binary analysis for firmware and application software spanning a broad variety of industries. Through a combination of proprietary tools and expert manual analysis, Harbor Labs engineers provide a comprehensive security assessment of the target software or firmware that captures the broadest possible set of vulnerabilities. This holistic approach eliminates the false positives and false negatives commonly produced by common industry automated tools, while often-missed flaws such as architectural vulnerabilities and race conditions are more readily detected. Harbor Labs’ analysis services are incorporated into the release life cycle of clients spanning a broad set of industries.

Past binary analysis work has included:

  • Medical Devices
  • Industrial IoT
  • Consumer Electronics
  • Networking Devices
  • Residential IoT
  • Component BIOS'

  • Automated Security Analysis

    FirmwareIQ represents the next generation in automated binary analysis. Developed by Harbor Labs’ leading industry experts in security analysis, FirmwareIQ automates and expedites many of the analytic functions that comprise a comprehensive binary security project. The analytic output is an intuitive, navigable security report that identifies and highlights vulnerabilities in every major security category of the software package, including:

  • Cryptographic Systems
  • Boot and Kernel
  • Drivers
  • Software CVEs
  • Accounts and Services
  • Scripting
  • Firewall Configuration
  • Permissions
  • Networking
  • Authentication
  • Wireless Configuration
  • Remote Access
  • Web Servers/TLS

  • Source Code Analysis

    Harbor Labs has logged hundreds of hours performing source code analysis in support of client security objectives, IP litigation, and general code quality and integrity objectives. Combining high-end visualization tools with the advanced analytic skill set of the Harbor Labs staff allows for the rapid isolation and inspection of the critical components of the target code most relevant to the client.

    More than simply identifying the vulnerabilities in the target code, Harbor Labs staff is further able to provide expert secure programming services to remedy any vulnerabilities discovered through source code analysis. It is a common outcome that upon delivery of an analysis report, clients will engage Harbor Labs to design and implement solutions to the identified vulnerabilities.