RunSafe Security recently announced the launch of the RunSafe Risk Reduction Analysis, a new solution aimed at providing cybersecurity professionals and embedded systems developers with valuable insights into common vulnerabilities and exposures (CVEs) as well as memory-based zero-day vulnerabilities in software. The tool, part of the company’s Identify solution, focuses on identifying and mitigating memory-based vulnerabilities, which are often exploited in modern embedded systems, leaving software vulnerable to attacks like arbitrary code execution, privilege escalation, denial-of-service (DoS), and data theft.
According to Joseph M. Saunders, CEO of RunSafe Security, memory safety issues account for nearly 70% of vulnerabilities in embedded systems. With the Risk Reduction Analysis, organizations now have the necessary tools and insights to eliminate this class of vulnerabilities, significantly boosting their resilience against remote code execution attacks and other exploits.
The Risk Reduction Analysis works by examining a software binary or a Software Bill of Materials (SBOM) to assess the risk to embedded systems. It leverages research from Linköping University to quantify memory-based zero days and calculate the number of binary attack vectors, such as return-oriented programming (ROP) chains, present within the software.
In a recent analysis conducted using the tool, it was revealed that the software in question was exposed to 1.6 million potential ROP gadgets. However, with the implementation of advanced runtime protections, the risk reduction achieved was greater than 98.28%.
This new solution from RunSafe Security comes at a critical time when the cyber threat landscape is constantly evolving, with attackers increasingly targeting vulnerabilities in software to exploit embedded systems. By offering a comprehensive analysis of total exposure to critical vulnerabilities and demonstrating the effectiveness of runtime protections in reducing risk, the RunSafe Risk Reduction Analysis equips organizations with the knowledge and tools needed to enhance the security posture of their systems.
The importance of addressing memory-based vulnerabilities cannot be overstated, as they pose a significant risk to the integrity and security of embedded systems. By focusing on identifying and mitigating these vulnerabilities, organizations can proactively protect their software from potential exploits and cyber attacks.
With the RunSafe Risk Reduction Analysis, cybersecurity professionals and embedded systems developers now have a powerful tool at their disposal to assess and reduce the risk posed by memory-based vulnerabilities in software. By leveraging this solution, organizations can strengthen the security of their systems, enhance their resilience against attacks, and safeguard their critical assets from cyber threats.