The Finite State Blog

Practical insights and articles from our SMEs to help product security teams cut triage noise, fix what matters faster, and deliver audit-ready proof to customers and regulators.


Black Box to Clarity: Breaking Open Firmware Security
Software Supply Chain Security

See how automated firmware analysis turns opaque binaries into clear, actionable insights—helping manufacturers uncover vulnerabilities before attacke...

Robert Kelley, September 22, 2025

Beyond SBOMs: How Deep Binary Analysis and Exploitability Insights Set Finite State Apart
SBOM Management, Software Supply Chain Security

Discover how Finite State goes beyond SBOMs with deep binary analysis, reachability insights, and exploitability scoring for real-world risk reduction...

Roland Lindsey, August 18, 2025

How to Deal with Opaque Vendors: Securing Components Without Source Code Access
Software Supply Chain Security, AI in Cybersecurity

Learn how to secure IoT components from opaque vendors without source code access, using binary analysis and penetration testing for compliance.

Edwin Shuttleworth, July 5, 2025

Software Supply Chain Security Metrics: What to Measure & Why
Software Supply Chain Security

Discover essential software supply chain security metrics that drive visibility, compliance, and proactive risk management across connected devices.

Ali Siddiqui, June 27, 2025

The Open Source Trojan Horse — Hidden Risk in Reused Code
Software Supply Chain Security, Product Security

Open source powers IoT, but hidden components and transitive risks expose your products. Learn how to secure what you didn’t even know you shipped.

Larry Pesce, June 2, 2025

Think Your Source Code Is Secure? Check Your Firmware
Software Supply Chain Security, Product Security

Attackers target what runs, not what’s written. Learn why binary-level firmware analysis is essential for real IoT security and regulatory compliance.

Larry Pesce, June 2, 2025

Shellfish, SBOMs, and Firmware: A Security Tale You Won’t Forget
Software Supply Chain Security

Many scanners miss critical IoT risks hidden in binaries and firmware. Learn why visibility beyond source code is essential for secure, compliant prod...

Larry Pesce, May 30, 2025

Finite State vs. Mend.io: Choosing the Right Tool for Product Security and Compliance
Software Supply Chain Security, IoT & OT, +1

Compare Mend.io vs Finite State: See why embedded device manufacturers choose Finite State for firmware SCA, SBOMs, and compliance-ready security.

Finite State Team, May 29, 2025

CI/CD, DevSecOps, and the Road to Security Maturity
Software Supply Chain Security, Product Security

Build secure connected products faster. Learn how to avoid common DevSecOps pitfalls and mature your CI/CD security for embedded and IoT environments.

Robert Kelley, May 15, 2025

Beyond Automation: Why Deep Binary Analysis is Critical for IoT Security Success
Software Supply Chain Security, Product Security

Deep binary analysis reveals vulnerabilities automation misses. Learn how Finite State secures embedded systems beyond traditional tools.

Finite State Team, May 7, 2025

The 2025 Verizon Data Breach Investigations Report: What It Means for Product and Supply Chain Security
Software Supply Chain Security, Product Security

Discover what the 2025 Verizon DBIR means for product and supply chain security—and how Finite State helps you stay compliant and secure.

Finite State Team, May 7, 2025

Managing Open-Source Dependencies in IoT Software: Best Practices
Software Supply Chain Security, IoT & OT

Learn why open-source dependency management is critical for IoT security, compliance, and resilience—plus best practices and tools to get it right.

Janet Bodenbach, April 9, 2025