Hidden risks thrive in the dark areas of your software supply chain, where software component analysis and vulnerability analysis are blind to software tampering. Unpacking and analyzing the depths of a compiled software binary brings the following hidden risks to light.
Third-party libraries, precompiled components, and static dependency linking can hide vital information from your software bill of materials, making it difficult to find years-old, known vulnerabilities within your application.
Obtaining a comprehensive, verified list of software components and dependencies empowers you to address unaccounted third-party risks.
Public repositories like NPM that host a large number of third-party packages are good hiding places for malware to lurk in. Typo-squatting and other techniques are used to trick developers into installing malicious tools masquerading as reusable components or useful updates to popular packages.
In-depth malware detection and identification of unusual behavior changes in package updates enable you to create more secure software.
A bash uploader script used by customers was altered with a single line of code that went undetected by vulnerability analysis and antivirus tools. The change collected information from customers’ environments (user names, passwords, tokens, etc.) for use in the subsequent attack stages.
Checking software for suspicious behavior changes before deployment helps you find scary software before it impacts customers.
Development, build, packaging and signing environments can be prone to compromise, hijacking and software tampering. When malicious changes fool traditional security testing and code audits, the tampered updates are signed and released, wreaking havoc on your customers.
A final check for unexpected changes in software behavior before distribution makes it easier to detect if software updates have been hijacked.