Binarly
Founded Year
2021Stage
Seed VC | AliveTotal Raised
$14.1MLast Raised
$10.5M | 2 yrs agoMosaic Score The Mosaic Score is an algorithm that measures the overall financial health and market potential of private companies.
+9 points in the past 30 days
About Binarly
Binarly specializes in firmware security and supply chain risk management within the cybersecurity industry. The company offers an AI-powered platform that detects and remediates known and unknown vulnerabilities in firmware and software supply chains. Binarly's services are designed to provide visibility into firmware and software vulnerabilities, identify malicious code, and offer prescriptive fixes for rapid resolution. It was founded in 2021 and is based in Santa Monica, California.
Loading...
Loading...
Research containing Binarly
Get data-driven expert analysis from the CB Insights Intelligence Unit.
CB Insights Intelligence Analysts have mentioned Binarly in 3 CB Insights research briefs, most recently on Oct 20, 2025.
Oct 20, 2025 report
Book of Scouting Reports: 2025’s Digital Health 50
May 16, 2025 report
Book of Scouting Reports: 2025’s AI 100
Apr 24, 2025 report
AI 100: The most promising artificial intelligence startups of 2025Expert Collections containing Binarly
Expert Collections are analyst-curated lists that highlight the companies you need to know in the most important technology spaces.
Binarly is included in 5 Expert Collections, including Cybersecurity.
Cybersecurity
11,028 items
These companies protect organizations from digital threats.
AI 100 (2024)
100 items
Artificial Intelligence (AI)
20,628 items
AI 100 (2025)
100 items
AI 100 (All Winners 2018-2025)
200 items
Binarly Patents
Binarly has filed 3 patents.
The 3 most popular patent topics include:
- wireless networking
- compiler construction
- cryptography
Application Date | Grant Date | Title | Related Topics | Status |
|---|---|---|---|---|
10/2/2024 | 2/25/2025 | Wireless networking, Memory management, Parallel computing, DEC hardware, Minicomputers | Grant |
Application Date | 10/2/2024 |
|---|---|
Grant Date | 2/25/2025 |
Title | |
Related Topics | Wireless networking, Memory management, Parallel computing, DEC hardware, Minicomputers |
Status | Grant |
Latest Binarly News
Sep 25, 2025
di Manolo De Agostini pubblicata il 25 Settembre 2025, alle 09:11 nel canale Security Binarly ha scoperto due vulnerabilità critiche nei firmware BMC di Supermicro, CVE-2025-7937 e CVE-2025-6198, che consentono l'installazione di immagini firmware malevole e il bypass della Root of Trust. Supermicro ha confermato i problemi e rilasciato patch per modelli selezionati. Ricercatori della società Binarly hanno individuato due nuove vulnerabilità, classificate come CVE-2025-7937 e CVE-2025-6198, nella logica di validazione del firmware BMC (Baseboard Management Controller) impiegato su schede madri Supermicro. Una delle due aggira una patch che la società aveva già diffuso all'inizio dell'anno per correggere un'altra problematica di sicurezza. Le falle permettono di caricare immagini firmware appositamente create che, pur mantenendo digest e firma apparenti, consentono la sostituzione o la rilocazione di regioni firmate e l'esecuzione di codice non autorizzato a livello di boot. BMC è un microcontrollore presente sulle schede madri dei server Supermicro che consente il monitoraggio e la gestione remota del sistema anche quando questo è spento. "Questo problema di sicurezza potrebbe consentire a potenziali aggressori di ottenere il controllo completo e persistente sia del sistema BMC sia del sistema operativo del server principale", sostengono i ricercatori di Binarly. Il vettore di attacco descritto sfrutta due meccanismi distinti ma correlati: una manipolazione del meccanismo fwmap - la tabella presente nell'immagine firmware che definisce le regioni firmate - e una logica di validazione difettosa nell'implementazione auth_bmc_sig eseguita nell'ambiente OP-TEE su alcuni firmware (es. MBD-X13SEM-F). In pratica, un malintenzionato in grado di fornire un'immagine può ridefinire le regioni firmate e spostare dati originali in aree inattive della memoria, facendo sì che l'hash calcolato coincida con il valore firmato e superi la verifica, pur contenendo codice malevolo. L'impatto pratico è elevato: l'installazione di un firmware malevolo sulla BMC fornisce persistenza sotto il sistema operativo, controllo privilegiato sulla macchina e la possibilità di bypassare meccanismi progettati per verificare l'integrità del boot (Root of Trust). Gli autori hanno dimostrato anche come sia possibile flashare e avviare un kernel personalizzato, evidenziando che l'autenticazione del kernel durante l'avvio può risultare inefficace in scenari specifici. Supermicro ha confermato i problemi e ha pubblicato aggiornamenti di sicurezza; per alcuni modelli sono già disponibili firmware aggiornati, mentre per altri prodotti bisognerà attendere ancora del tempo. Binarly ha inoltre reso disponibili proof-of-concept per le due vulnerabilità; la pubblicazione di PoC rende urgente l'applicazione delle patch da parte degli amministratori di datacenter e delle organizzazioni che usano hardware Supermicro.
Binarly Frequently Asked Questions (FAQ)
When was Binarly founded?
Binarly was founded in 2021.
Where is Binarly's headquarters?
Binarly's headquarters is located at 2450 Colorado Avenue, Santa Monica.
What is Binarly's latest funding round?
Binarly's latest funding round is Seed VC.
How much did Binarly raise?
Binarly raised a total of $14.1M.
Who are the investors of Binarly?
Investors of Binarly include WestWave Capital, Acrobator Ventures, Cisco Investments, Liquid 2 Ventures, Two Bear Capital and 15 more.
Who are Binarly's competitors?
Competitors of Binarly include Chainguard, Qwiet AI, SixMap, Prewave, ReversingLabs and 7 more.
Loading...
Compare Binarly to Competitors
Aqua Security focuses on securing containerized cloud native applications within the cybersecurity sector. The company provides a lifecycle solution that includes pre-deployment hygiene enforcement and real-time attack mitigation for cloud native applications. Aqua's clientele consists of large enterprises that require cloud security. Aqua Security was formerly known as Scalock. It was founded in 2015 and is based in Ramat Gan, Israel.
Oligo focuses on runtime application security and offers solutions for scanning and monitoring, supply chain security, application vulnerability management, and attack detection and response. It was founded in 2022 and is based in Tel Aviv, Israel.
RapidFort specializes in software attack surface management and operates within the cybersecurity domain. The company provides common vulnerabilities and exposures (CVE) images for secure software development, CVE remediation, and tools for vulnerability scanning, profiling, and hardening applications in both development and production environments. It's solutions aim to address compliance processes and improve software supply chain security and workload management. It was founded in 2020 and is based in Sunnyvale, California.
Veracode provides application security solutions across sectors, including government, financial services, software, technology, retail, and healthcare. The company offers services for the software development life cycle, including vulnerability detection, static and dynamic application security testing, software composition analysis, container security, application security posture management, and penetration testing. Veracode's platform integrates into development processes, providing feedback and remediation supported by artificial intelligence to improve developer efficiency and security. It was founded in 2006 and is based in Burlington, Massachusetts.
Flashpoint specializes in threat data and intelligence, focusing on cybersecurity and intelligence services. The company offers products including cyber threat intelligence, vulnerability intelligence, physical security intelligence, and national security intelligence, all enriched with human insights. Flashpoint serves businesses and government sectors, providing solutions that include fraud prevention, brand protection, and operational resilience against evolving threats. Flashpoint was formerly known as Flashpoint Intelligence. It was founded in 2010 and is based in Washington, DC.
Bright Security specializes in dynamic application security testing (DAST) and API security within the cybersecurity industry. The company offers solutions that integrate with continuous integration and delivery (CI/CD) pipelines to identify and manage vulnerabilities in web applications and APIs, catering to the needs of developers and security teams. Bright Security's services are designed to validate business logic, provide extensive vulnerability coverage, and offer clear remediation guidelines with a focus on low false positives. It was founded in 2018 and is based in San Rafael, California.
Loading...