Security Weekly Podcast Network (Video) Talking to the founder of Binarly, a Black Hat Startup Spotlight Finalist - Alex Matrosov - ESW #327
7 snips
Aug 10, 2023 Alex Matrosov, founder and CEO of Binarly and a longtime reverse engineer and firmware researcher, discusses why firmware security matters. He talks about firmware complexity, ML-driven binary analysis without source code, supply-chain disclosure challenges, and high-risk targets like data centers and 5G. He also covers attacker motivations and practical ways to help developers fix firmware flaws.
AI Snips
Chapters
Transcript
Episode notes
Firmware Complexity Is Outpacing Security
- Firmware complexity and device volume are scaling vulnerabilities faster than vendors can secure them.
- Alex Matrosov notes firmware now ranges from kilobytes to hundreds of megabytes and often exceeds Windows kernel size, expanding attack surface across supply chains.
Give Developers Actionable Firmware Fixes Not Just Alerts
- Shift detection to code-level analysis and provide developers contextual, actionable fixes, not just alerts.
- Binarly built an AI 'Alex' to explain root causes and propose fixes because triage latency averages 171 days.
Firmware Implants Moved From Nation States To Criminals
- Firmware implants are no longer only state-sponsored tools; criminal actors increasingly use them for persistence and endpoint-bypass.
- Alex cites BlackLotus and ButtonDrop as examples where commodity actors leveraged public exploits to deploy persistent bootkits.