The March 2021 Security Signals report showed that more than 80% of enterprises have experienced at least one #firmware attack in the past two years, but only 29% of security budgets are allocated to protect firmware.
Asaf Karas, CTO at Vdoo:
“Firmware vendors and OEMs should not only rely on external protection mechanisms implemented at the OS level to stop exploitations, but improve their firmware and device security by design. This should be done by continuously analyzing the firmware security posture during the SDLC process and, even more importantly, in its production state before distribution because this is the state in which attackers see it when they search for vulnerabilities. Firmware analysis tools enable both vendors and asset owners to detect security issues early in the process, thus simplifying and lowering their remediation cost.”