TL;DR: In today’s increasingly connected world, businesses have become focused on building mobile- and IoT-focused products. And powering much of this tech are open-source software components, which carry an array of security concerns. As a result, Insignary has developed open-source compliance and security software to discover vulnerabilities in binary code. By scanning binary files inside and out, the company’s flagship product, Insignary Clarity, can spot potential dangers long before they have time to cause damage. We recently caught up with CEO TJ Kang, who told us how Insignary is helping secure thousands of business applications around the world.
A team of web designers is responsible for the development and continued security of a state representative’s website, which uses an automatic correspondence system purchased from a third-party vendor. Keeping the ever-evolving nature of threats in mind, the team must constantly reassess its web applications.
While security is of utmost concern in any organization or industry, the potential fallout from a compromised government system or website has huge potential for disaster. Therefore, only the most secure applications are acceptable. This requires the team to thoroughly review not only the code of the application itself, but also any potential vulnerability within its compiled shell.
Traditional vulnerability scanning looks for flaws within a program’s source code, examining commands and signatures. But Insignary takes this a step further. The company’s flagship binary code scanner, Insignary Clarity, scans the actual binary container for the application, leading to a much more comprehensive assessment. As a result, many organizations use Insignary Clarity to keep operations smooth, safe, and compliant. With an impressive client base and a wide range of features, Insignary offers the perfect answer to allay any development team’s security concerns.
Beyond being more thorough, binary scanning is sometimes the only possible way to assess an application at all.
“Traditionally, you would need to actually have the source code,” said Insignary CEO TJ Kang. “Often, companies have their software supplied by vendors in binary form and don’t have direct access to the source code.”
Although Insignary is a relatively young company, its software has quickly built up a reputation as one of the most effective ways to ensure security and compliance.
Addressing The Overlooked Vulnerabilities of Compilers
Incorporated in 2016, Insignary quickly rose to fame as a global leader in commercially available binary code scanners. With attacks such as DDoS and ransomware making headlines in recent years, it’s no surprise businesses are more concerned than ever.
As prevention is always better than mitigation and recovery, businesses must evaluate their software for vulnerabilities. Fortunately, Insignary Clarity makes that assessment easy.
To ensure apps are airtight, businesses must go beyond simply scanning basic code. A seemingly secure application can be coded flawlessly, yet still be susceptible to hacking due to weaknesses in the compiler itself.
In addition, businesses using paid third-party apps may not even be allowed access to the source code in the first place, rendering traditional methods useless in some cases.
“The company was started with the idea of providing an easy way for users to figure out what the software they’re using contains,” TJ said.
To date, binary code scanning is the most thorough method of vulnerability assessment possible, with proprietary versions run by large enterprises and government organizations.
Identifying Exposure Points Without The Need For Source Code
As scanning by source code alone has become insufficient — and sometimes even impossible — more and more companies have turned to solutions like Insignary Clarity to better understand the content and capabilities of purchased apps.
Malicious hacking is most often done by identifying and exploiting vulnerabilities, and Clarity helps close those loopholes using a variety of methods, including fingerprint-based, open-source software component detection technology.
“The popular method used by other vendors was comparing hash values from open-source binaries in a database against the target binary,” TJ said. “The problem is that there are millions of open-source components out there usually distributed as source code.”
Identifier-based fingerprinting uses symbol and string comparisons to identify components by signature without the need for reverse engineering. Following identification, Clarity looks for known security and compliance issues associated with them.
The tool also unpacks the entire binary to analyze every individual file, code snippet, and other associated pieces of data. Additionally, Clarity can be used through command line or GUI to execute scripts and export data in a variety of formats, including JSON, CSV, HTML, and XLS.
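The identifier-based fingerprinting and known-issue lookup described above, sketched as an added example that is not Insignary's or Clarity's code: it pulls printable strings out of a binary blob, matches version strings and fallback symbol names against a signature table, and flags versions older than a recorded fix. The component patterns, advisory ids and firmware bytes are all constructed placeholders.

```python
import re

# Constructed toy signature table (not Insignary's data): component name, a regex
# capturing its version string, and a symbol whose presence alone suggests it is linked in.
COMPONENT_PATTERNS = [
    ("openssl", re.compile(rb"OpenSSL (\d+\.\d+\.\d+[a-z]?)"), b"SSL_CTX_new"),
    ("samba",   re.compile(rb"Samba (\d+\.\d+\.\d+)"),         b"smbd_process"),
    ("ffmpeg",  re.compile(rb"FFmpeg version (\d+\.\d+\.\d+)"), b"avcodec_open2"),
]
# Placeholder advisory table: component -> [(first fixed version, made-up advisory id)].
ADVISORIES = {
    "openssl": [("1.0.1g", "PLACEHOLDER-ADVISORY-A")],
    "samba":   [("4.0.0",  "PLACEHOLDER-ADVISORY-B")],
}

def version_key(v):
    """Turn '1.0.1e' into a comparable tuple (1, 0, 1, 'e')."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)([a-z]?)", v)
    return tuple(int(x) for x in m.group(1, 2, 3)) + (m.group(4),)

def printable_strings(blob, min_len=4):
    """Pull runs of printable ASCII out of a binary, like the strings(1) tool."""
    return re.findall(rb"[\x20-\x7e]{%d,}" % min_len, blob)

def fingerprint(blob):
    """Identify components by version strings first, falling back to symbol names."""
    found, strings = {}, printable_strings(blob)
    for name, version_re, symbol in COMPONENT_PATTERNS:
        for s in strings:
            m = version_re.search(s)
            if m:
                found[name] = m.group(1).decode()
        if name not in found and symbol in strings:
            found[name] = None  # component present but version string stripped
    return found

def known_issues(components):
    """Flag components whose detected version predates the first fixed version."""
    issues = []
    for name, version in components.items():
        for fixed_in, advisory in ADVISORIES.get(name, []):
            if version is None or version_key(version) < version_key(fixed_in):
                issues.append((name, version, advisory))
    return issues

# Constructed stand-in for a firmware image: junk bytes around realistic-looking strings.
SAMPLE_FIRMWARE = (b"\x7fELF\x02\x01\x01" + b"\x00" * 16 + b"OpenSSL 1.0.1e 11 Feb 2013\x00"
                   + b"\xff\xfeSSL_CTX_new\x00" + b"Samba 3.6.25\x00" + b"avcodec_open2\x00")
```

Running `known_issues(fingerprint(SAMPLE_FIRMWARE))` flags the OpenSSL and Samba versions while FFmpeg is reported as present but unversioned, which is the case a symbol-only match exists to catch.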
The Future: Reinforcing The Security of Wireless Communications
Given its flexibility, Insignary Clarity is useful for analyzing a wide range of software, including firmware for networking devices. Among Insignary’s most significant findings was the recent discovery of numerous vulnerabilities in popular OEM router firmware releases.
The newest and most potentially harmful vulnerability, dubbed “KRACK,” allows malicious hackers to bypass the WPA2 security protocol. Because WPA2 is the current standard for Wi-Fi encryption, KRACK has the potential to affect an alarming number of devices and users who may inadvertently share unencrypted data on the network.
By taking the initiative to scan the top 32 pieces of wireless router firmware in the world, Insignary has demonstrated its desire to not only help businesses, but improve the overall safety of communications across the world.
“We were surprised to find that all of the router firmware contained security vulnerabilities, with some containing quite a few,” TJ said.
Other major vulnerabilities are caused by the use of outdated versions of software components, such as FFmpeg, OpenSSL, and Samba, which expose the firmware to DoS attacks, buffer overflows, and remote code execution. Fortunately, Insignary’s discovery has the potential to alert vendors, prompting them to re-secure these firmware components.