Finite State News

Finite State Boosts IoT Vulnerability Discovery with Advanced Search

Written by Finite State Team | Dec 15, 2021 2:06:24 PM

Advanced search capability provides holistic contextual view of everything within IoT devices

COLUMBUS, Ohio — Dec. 15, 2021 — Finite State, the product security leader for connected devices, has released a search function for its platform that allows users to gain full visibility into their embedded devices and identify whether a known vulnerability is present. 

Internet of Things (IoT) devices have been black boxes whose security is notoriously difficult to verify. Traditionally, large companies would need more than 30 days for various business units and product teams to confirm a vulnerability in one of those devices. 

As we’ve seen demonstrated recently by Log4j, security teams can’t afford to wait to find exactly where they are impacted. This isn’t the only vulnerability either, it's happened before with the likes of Treck IP Stack and DNSpooq. Instead of relying on hundreds of individual product teams to manually search for a Common Vulnerabilities and Exposures (CVE) identifier, Finite State searches all embedded devices a company manufactures within seconds to find CVEs or affected software. This allows a mitigation plan to come together much faster so that companies can more quickly ensure product security.

“This is something our clients have been yearning for and now we’re able to make their security teams’ lives much simpler and involve far fewer people as they work to manage vulnerabilities on their products,” said Jeff Martin, VP of Product at Finite State.

Finite State’s enhanced search capability is unique because it not only reduces a month-long wait down to a single click, it also provides enhanced results with business and product context. Results are broken down not just by individual product, but also by product family and business unit.

In addition to finding vulnerabilities, the search function can also scan firmware for accounts. If a device manufacturer were to find a backdoor account that was missed during product testing, the search function can find the account name and all firmware versions that have used that account. 

Learn more about how easy understanding IoT device risk is with Finite State.

 

About Finite State

Finite State empowers organizations to gain control of product security for their connected devices and supply chains. Backed by a team of seasoned experts, our automated product security platform arms our customers with the actionable insights, critical vulnerability data, and remediation guidance necessary to mitigate product risk and protect the connected attack surface. For more information, visit www.finitestate.io.

Matt McLoughlin
Gregory FCA on behalf of Finite State
Phone: 610.996.4264
matt@gregoryfca.com