Iotinspector Istock 1018211724 Branded

Determine your company’s security risks

IoT Inspector enables you to efficiently determine security risks that might impact your business’ legal compliance, reputation, or financial status. It combines more than 10 years of firmware vulnerability research and experience from an uncountable amount of vulnerability scans.

Take the first step and analyze how secure your IoT devices really are.

Free Trial

Non-intrusive analysis

No impact on production

No installation

Iot Inspector

What IoT Inspector can do for you

  • Detect vulnerabilities in the firmware of IoT devices
  • Work without a single line of original source code
  • Doesn’t require network connectivity to sensitive internal networks
  • Provide you with instant results, comprehensive reporting and alerting
  • Cover a broad range of IoT devices, including IP cameras, routers, printers, and many more
  • Integrate into your existing risk management and software development tools
Free Trial

Did you know?

  • More than 90% of firmware files analyzed by IoT Inspector contain critical vulnerabilities.
  • Default credentials are the number 1 vulnerability exploited by hackers to hijack your IoT devices.
  • IoT devices have already outnumbered the world’s population.

This is how we do it

IoT Inspector in a nutshell

Look under the hood instead of just checking for dents and scratches.

The IoT Inspector is a cloud-based vulnerability scanning platform that analyzes the firmware of IoT devices. Just upload the firmware, while IoT Inspector does the heavy lifting.
While the firmware analysis works best with Linux-based systems (which covers over 80% of firmare files out of the box), the platform’s vulnerability detection skills are OS agnostic.

  • IoT security standards compliance
  • Software composition analysis
  • Cryptography analysis

Organizations and authorities have made it their mission to counteract this by adopting IoT security guidelines – for example for critical infrastructures. The IoT Inspector Compliance Checker currently automatically checks for deviations from the following IoT security standards:

  • BITAG – Broad Internet Technical Advisory Group
  • DIN – Deutsches Institut für Normung
  • ENISA Baseline Security Recommendations for IoT
  • ETSI TS 103 645
  • GOV.UK – Government of the United Kingdom: Department for Digital, Culture, Media and Sport
  • LEGINFO CA GOV – State of California Legislative Information
  • OWASP TOP 10 IoT 2018
Free Trial

Detect critical issues in your firmware within a couple of minutes


Go to the IoT Inspector interface and choose the firmware file to be inspected, e.g. a firmware image, update file or a flash dump.

Alternatively, you can embed the IoT Inspector into existing continuous integration tools or vulnerability management processes and make use of the powerful API to upload firmware.


After uploading, IoT inspector will start extraction of all elements of the firmware file, including archives, filesystems and compressed data. The extraction process is recursive and can therefore extract multiple layers of data. He will then look for vulnerabilities such as:

  • 3rd party components (software composition analysis) and thousands of known vulnerabilities
  • default or undocumented credentials (often exploited by "Mirai" and other bots)
  • hardcoded cryptographic secrets (including certificates and private keys)
  • leftover development or backdoor accounts
  • vulnerable service configuration
  • faulty implementation of secure software development guidelines
  • and many more...

IoT Inspector results are enriched with threat intelligence from Shodan and the NIST NVD.

Iot Inspector Platform

Reporting and Alerting

After IoT Inspector is done with your firmware, you will be presented with a detailed report. All results and can be accessed online or downloaded in several formats to suit your needs.
Detailed reporting features include:

  • custom-tailored reports with full vulnerability details and recommendations in PDF format.
  • structured vulnerability data in CSV format to import it into your vulnerability/risk management system.
  • access vulnerability data via IoT Inspector's REST API to automate your processes.
  • email alerts for new vulnerabilities in your firmware as they are discovered.

How much does IoT Inspector cost?

Whether you are a small business, multinational corporation, or government agency: We offer simple and transparent pricing plans to meet your individual security needs. Get in touch to learn more!

Is IoT Inspector the right tool for me?

I am a corporate IoT user

  • I have to make educated choices on new IoT purchases
  • I don't want to add any security risks to my network
  • I have to be compliant with regulatory requirements

I am an infrastructure or service provider

  • I want to protect my network
  • I want to provide secure services to my clients
  • I want to measure the risk of our IoT-related services
  • I am looking for quality control within our IoT supply chain

I am a consultancy or researcher

  • I would like to kick start my IoT security capabilities
  • I want to establish baseline for IoT security testing
  • I don't have time to waste effort on low hanging fruits
  • I prefer to focus on in-depth manual analysis with IoT Inspector's expert features
  • I would love to collaborate on IoT security projects

I am a device vendor

  • I need to know about vulnerabilities in my IoT devices
  • I want to build a secure IoT firmware stack, the affordable way
  • I need to protect brand investments
  • I need to have quality control on IoT supply chain
  • I might be integrating the IoT Inspector into my development process

I am a reseller

  • I am looking to earn money while providing my customers with the best vulnerability scanner on the market