Static Binary Code Analysis Tools
Vulnerability detection
CodeSentry
CodeSentry is a static analysis tool for binary software composition.
CodeSentry allows detecting vulnerabilities in third-party software present in applications or products.
Binary Software Composition Analysis (SCA)
Binary Software Composition Analysis allows detecting vulnerabilities in third-party software present in applications or products.
90% of companies use third-party software in their applications. Additionally, a large part of the commercial applications acquired incorporate third-party software. Finally, applications developed by third parties for a company may incorporate software from third parties.
A significant portion of applications contain components with a high level of known vulnerabilities. Some of the latest vulnerabilities that have caused problems in the industry are:
Heartbleed bug (CVE-2014-0160): Vulnerability in the OpenSSL cryptographic library
Urgent/11: Vulnerability in the TCP/IP stack originally developed by Interpeak. By exploiting the vulnerability, code could be executed remotely. It has impacted real-time operating systems such as ENEA, Green Hills Integrity, Mentor and Wind River VxWorks.
Ripple20: Vulnerability in the TCP/IP stack. By exploiting the vulnerability, code could be executed remotely. It has affected products from HP, Schneider Electric, Intel, Rockwell Automation, Caterpillar, Baxter and many others.
CodeSentry analyzes the final executable in binary format instead of the source code that in many cases is not available. This technique is very reliable and significantly reduces the number of false positives since it eliminates the analysis of deactivated code or code that is not finally present in the executable object code.
CodeSentry Functionality
CodeSentry incorporates deep binary software analysis utilities, generates a Software Bill of Materials inventory and accesses the most complete databases of known vulnerabilities on the market.
The figure shows the list of components that make up the application inventory.
For each component, the version, the degree of similarity with the analyzed library and the number of vulnerabilities detected according to the CVSS (Common Vulnerability Scoring System) risk measurement, which classifies them into low, medium, high and critical severity degrees, are shown.
Additionally, for each component present in the inventory, CodeSentry generates reports of N-Day (known) vulnerabilities, based on public vulnerability databases, and Zero-Day (potential vulnerabilities), based on the binary code analysis capabilities of the tool.
Supported formats of the application to be analyzed
- Compressed Formats
- Zip (.zip)
- 7-zip (.7z)
- Bzip (.bz2)
- Gzip (.gz)
- Windows Installers (.msi)
- Native binary formats
- Linux (.o, .so, .a)
- Windows (.exe, .obj, .dll)
- MacOS
- Cross-platform binary formats
- Intel
- ARM
Roadmap: Upcoming supported formats
- Disk images
- Installer images
- Containers
- Directories
In-depth binary code analysis
CodeSentry employs multiple pattern comparison algorithms for both native and cross-compilers of Intel and ARM architectures.
Vulnerability Detection:
