ReFirm Labs, a trusted provider of firmware vetting and validation to the enterprise, today announced they have been named Cybersecurity Startup of the Year in the Info Security PG’s 2018 Global Excellence Awards®. The company is poised to redefine IoT Security throughout the enterprise sector with their flagship product, Centrifuge, which automatically detects security vulnerabilities in the firmware that runs billions of Internet of Things (IoT) devices, consumer electronics and other connected enterprise machines. These prestigious global awards recognize cybersecurity and information technology vendors with advanced, ground-breaking products, solutions, and services that are helping set the bar higher for others in all areas of security and technologies.
ReFirm Labs was founded in 2017 by Terry Dunlap and Peter Eacman, both elite NSA offensive cyber operators with nation-state levels of expertise in firmware security. In its first year, ReFirm Labs gained the trust of, and is currently supporting the IoT devices of, several household names, such as Disney and AT&T. Additionally, the company published a report on the state of firmware vulnerability, and received $1.5 million funding from the highly accredited cybersecurity company accelerator, DataTribe.
“According to BI Intelligence, the IoT epidemic is on track to reach 34 billion devices by 2020,” said Terry Dunlap, CEO and Co-Founder of ReFirm Labs. “There are over 8 billion existing IoT-connected devices, with millions more coming online every day, and no standards or regulations to ensure a security baseline. Our Centrifuge platform exposes the hidden dangers lurking inside firmware that, if left untreated, could result in a catastrophic outcome. We are thrilled to be recognized as an emerging leader bridging the gap between firmware protection and IoT security.”
Firmware is a commonly unprotected attack surface in these devices that when hacked can result in devastating consequences. It is often developed with less attention to security than software and frequently involves the integration of 3rd party components with unknown security postures. Centrifuge is the first firmware validation platform to bring this capability to the commercial market, providing visibility into firmware vulnerabilities for practically every type of IoT device regardless of manufacturer or device application. Developed to identify zero-day vulnerabilities, hidden crypto keys, and backdoor passwords in firmware without access to source code, Centrifuge is a highly scalable platform that empowers companies to uncover firmware abnormalities and report the vulnerabilities in under thirty minutes. The efficiency and speed of the platform allows companies to integrate and perform scans of their firmware seamlessly, giving them the opportunity to respond quickly to potential weak spots.