Conference Room

Determine your company’s security risks

IoT Inspector enables you to efficiently determine security risks that might impact your business’ legal compliance, reputation, or financial status. It combines more than 10 years of firmware vulnerability research and experience from an uncountable amount of vulnerability scans.

Take the first step and analyze how secure your IoT devices really are.

Request Free Trial

Non-intrusive analysis

No impact on production

No installation

Test firmare right away. IoT Inspector works on firmware, which is usually already publicly available on a vendor’s website. Catch up on the security status of your IoT devices and address potential cyber exposure gaps in your firmware before they are exploited by attackers.

Start Risk Analysis
Iot Inspector

What IoT Inspector can do for you

  • Detect vulnerabilities in the firmware of IoT devices
  • Work without a single line of original source code
  • Doesn’t require network connectivity to sensitive internal networks
  • Provide you with instant results, comprehensive reporting and alerting
  • Cover a broad range of IoT devices, including IP cameras, routers, printers, and many more
  • Integrate into your existing risk management and software development tools
Request Free Trial

Did you know?

  • More than 90% of firmware files analyzed by IoT Inspector contain critical vulnerabilities.
  • Default credentials are the number 1 vulnerability exploited by hackers to hijack your IoT devices.
  • IoT devices have already outnumbered the world’s population.

This is how we do it

IoT Inspector in a nutshell

Look under the hood instead of just checking for dents and scratches.

The IoT Inspector is a cloud-based vulnerability scanning platform that analyzes the firmware of IoT devices. Just upload the firmware, while IoT Inspector does the heavy lifting.
While the firmware analysis works best with Linux-based systems (which covers over 80% of firmare files out of the box), the platform’s vulnerability detection skills are OS agnostic.

  • IoT security standards compliance
  • Software composition analysis
  • Cryptography analysis
Experience it first hand

Detect critical issues in your firmware within a couple of minutes

Upload

Go to the IoT Inspector interface and choose the firmware file to be inspected, e.g. a firmware image, update file or a flash dump.

Alternatively, you can embed the IoT Inspector into existing continuous integration tools or vulnerability management processes and make use of the powerful API to upload firmware.

Analysis

After uploading, IoT inspector will start extraction of all elements of the firmware file, including archives, filesystems and compressed data. The extraction process is recursive and can therefore extract multiple layers of data. He will then look for vulnerabilities such as:

  • 3rd party components (software composition analysis) and thousands of known vulnerabilities
  • default or undocumented credentials (often exploited by "Mirai" and other bots)
  • hardcoded cryptographic secrets (including certificates and private keys)
  • leftover development or backdoor accounts
  • vulnerable service configuration
  • faulty implementation of secure software development guidelines
  • and many more...

IoT Inspector results are enriched with threat intelligence from Shodan and the NIST NVD.

Results

Reporting and Alerting

After IoT Inspector is done with your firmware, you will be presented with a detailed report. All results and can be accessed online or downloaded in several formats to suit your needs.
Detailed reporting features include:

  • custom-tailored reports with full vulnerability details and recommendations in PDF format.
  • structured vulnerability data in CSV format to import it into your vulnerability/risk management system.
  • access vulnerability data via IoT Inspector's REST API to automate your processes.
  • email alerts for new vulnerabilities in your firmware as they are discovered.

Is IoT Inspector the right tool for me?

I am a corporate IoT user

  • I have to make educated choices on new IoT purchases
  • I don't want to add any security risks to my network
  • I have to be compliant with regulatory requirements

I am an infrastructure or service provider

  • I want to protect my network
  • I want to provide secure services to my clients
  • I want to measure the risk of our IoT-related services
  • I am looking for quality control within our IoT supply chain

I am a consultancy or researcher

  • I would like to kick start my IoT security capabilities
  • I want to establish baseline for IoT security testing
  • I don't have time to waste effort on low hanging fruits
  • I prefer to focus on in-depth manual analysis with IoT Inspector's expert features
  • I would love to collaborate on IoT security projects

I am a device vendor

  • I need to know about vulnerabilities in my IoT devices
  • I want to build a secure IoT firmware stack, the affordable way
  • I need to protect brand investments
  • I need to have quality control on IoT supply chain
  • I might be integrating the IoT Inspector into my development process

I am a reseller

  • I am looking to earn money while providing my customers with the best vulnerability scanner on the market

Test it right away

Request Free Trial

The world of IoT is expanding. So are the risks.