PKfail: one test key, 12 years, hundreds of devices 300+ firmware vulnerabilities disclosed by Binarly REsearch Transparency Platform v3.0 ships exploitation maturity scoring $14.1M raised across two seed rounds Zero Trust SBOM: rebuild the manifest from the binary Black Hat 2023 Startup Spotlight finalist PKfail: one test key, 12 years, hundreds of devices 300+ firmware vulnerabilities disclosed by Binarly REsearch Transparency Platform v3.0 ships exploitation maturity scoring $14.1M raised across two seed rounds Zero Trust SBOM: rebuild the manifest from the binary Black Hat 2023 Startup Spotlight finalist
Company Profile Firmware Security Santa Monica, CA Est. 2021
Binarly logo - lowercase b mark
The lowercase "b," photographed against its own darkness. A logo for a company that works where the light usually doesn't reach - the code beneath the operating system.
The Firm Below the OS

Binarly

It reads the code no one else looks at - the firmware layer under your operating system - and keeps finding things vendors shipped by accident.

300+
Vulns Disclosed
$14.1M
Total Raised
12 yrs
PKfail Lifespan
2021
Founded

A Business Built in the Blind Spot

Here is a fact about your computer that is technically boring and practically alarming: before the operating system you can see wakes up, a smaller, older, less-supervised pile of code called firmware runs first. It decides what to trust. Almost nobody checks it. Binarly is a company whose entire premise is that somebody should.

The standard way to think about software supply chain security is to look at the software - the apps, the libraries, the open-source packages with names and version numbers and, increasingly, a "software bill of materials" listing what's inside. This is good and useful. It is also, if you're an attacker, exactly where the security team is looking. The interesting move, competitively speaking, is to go somewhere else. Binarly went below the operating system, into UEFI firmware, BMC controllers and the binaries that ship on devices, and set up shop in the part of the stack that most tools treat as a sealed box.

The company was founded in 2021 by Alex Matrosov and Claudiu Teodorescu, two reverse engineers who spent their careers on the offensive side of this problem - finding firmware flaws at NVIDIA, Intel, ESET, FireEye and others. Matrosov co-wrote Rootkits and Bootkits, a book about the exact category of threat his company now sells a defense against. This is a common and slightly funny pattern in security: the best way to build a product that finds bad things is to hire the people who are extremely good at making them.

Binarly is pioneering a new approach focused on modern AI/ML to find and mitigate attack surfaces below the operating system. - Company positioning, Binarly

Don't Trust the Manifest

The flagship product is the Binarly Transparency Platform, an enterprise, AI-powered system used by device manufacturers, OEMs, independent BIOS vendors and product-security teams. Its job is to look at a firmware image and answer questions the vendor often can't answer about their own device: what's actually in here, is any of it known to be vulnerable, is any of it vulnerable in a way nobody's catalogued yet, and did somebody slip in something that shouldn't be here at all.

The clever part is the approach to the software bill of materials. A lot of SBOMs are, functionally, a list somebody typed once. Binarly's pitch is what it calls a Zero Trust approach: rather than believe the manifest, it reconstructs the dependency graph from the binary itself - reading the bytes and rebuilding the truth. The uncomfortable finding, over and over, is that the list and the reality don't match.

01

Transparency Platform

Detects known and unknown firmware vulnerabilities, implants and misconfigurations. Plugs into SDLC and CI/CD pipelines.

02

Zero Trust SBOM

Reconstructs a dependency graph directly from binaries instead of trusting a supplied manifest or hashes.

03

Binary Risk Hunt

A free scanner that generates SBOMs and surfaces firmware risk - the on-ramp to the full platform.

Version 3.0, released in 2025, added the sort of features that tell you where the market is going: real-time threat-intelligence prioritization, exploitation maturity scoring, a microcode vulnerability checker, cryptographic artifact discovery and auto-validated secret detection. The recurring theme is triage. A scanner that returns four thousand findings is not a security tool; it is a way to generate alert fatigue at scale. Binarly's argument is that a vulnerability matters when it is reachable and exploitable, not merely present - so it tries to rank the twelve things you should actually panic about above the rest.

The Twelve-Year Key

If you want to understand what Binarly does, look at PKfail. In July 2024 the company disclosed that hundreds of device models were shipping with an insecure Platform Key - the cryptographic root of trust for UEFI Secure Boot. The keys had been generated by a firmware vendor and, it appears, handed around as a reference example with a label that amounted to "do not use in production." They were used in production. Widely.

Tagged CVE-2024-8105, PKfail makes it trivial to defeat Secure Boot on affected machines, which is a polite way of saying an attacker can load firmware-level malware - the BlackLotus class of threat - and have it survive nearly everything you'd normally do to clean an infected computer. The affected devices weren't just laptops. They included ATMs, medical equipment and voting machines.

The detail that lands hardest: the first vulnerable firmware shipped in May 2012, and the latest in June 2024. That's over twelve years of the same shortcut, copied and pasted across an industry, sitting quietly in the layer nobody reads. Supply-chain convenience always wins in the short run. It just sends the invoice later.

The Server in Your Blind Spot

Binarly sells to the companies whose products contain firmware they didn't fully write. Server-market firmware often passes through three sets of hands - an ODM builds it, an IBV licenses the BIOS, an OEM ships it - and visibility drops at every handoff. Binarly inserts a checkpoint. Its research has probed Supermicro BMC firmware, uncovering a signature-verification bypass (CVE-2024-10237) among a year-long chain of flaws, and its customer and partner orbit includes names like Cisco, Meta, Dell, Framework and OnLogic.

CiscoMetaDell FrameworkSupermicroOnLogicSonim

The business model is straightforward B2B subscription software, sharpened by a research arm that publishes openly. The free Binary Risk Hunt scanner and a steady drip of CVE-numbered disclosures do the marketing that a slide deck can't: they demonstrate the product works by pointing at real vendors who patched real problems because Binarly told them to.

The Short History

APR 2021
Binarly Inc. founded by Alex Matrosov and Claudiu Teodorescu.
JUN 2022
$3.6M seed round from Westwave Capital and Acrobator Ventures, plus a roster of security-industry angels.
APR 2023
Transparency Platform unveiled for device supply chain security.
AUG 2023
Named a finalist at the Black Hat USA Startup Spotlight competition.
MAR 2024
$10.5M financing led by Two Bear Capital, with Cisco Investments among the participants.
JUL 2024
Discloses PKfail (CVE-2024-8105) - a 12-year Secure Boot supply-chain flaw.
APR 2025
Transparency Platform v3.0 adds threat-intel prioritization and exploitation maturity scoring.

"The usage of default test keys makes it trivial to defeat Secure Boot on affected devices."

- Binarly REsearch, on PKfail (CVE-2024-8105)

Two Rounds, One Thesis

Binarly has raised roughly $14.1M across two seed rounds. The 2024 round, led by Two Bear Capital, added Blu Ventures, Canaan Partners, Cisco Investments and Liquid 2 Ventures - with early backers Westwave Capital and Acrobator Ventures expanding their stakes.

SEED · JUN 2022 · Westwave, Acrobator$3.6M
SEED · MAR 2024 · Two Bear Capital (lead)$10.5M

Share This Profile

Quick facts: Binarly

Binarly is a firmware and software supply chain security company that reads the code no one else looks at - the layer below the operating system. Its AI-powered Transparency Platform analyzes firmware binaries to surface known and unknown vulnerabilities, malicious implants, misconfigurations and cryptographic weaknesses, then builds a genuine software bill of materials by reconstructing dependencies from the binary itself rather than trusting a manifest. Founded in 2021 by veteran reverse engineers Alex Matrosov and Claudiu Teodorescu, the company has disclosed hundreds of high-impact firmware vulnerabilities, including the widely covered PKfail Secure Boot flaw.

Founded
2021
Headquarters
Santa Monica, California, United States
Founders
Alex Matrosov (Founder & CEO), Claudiu Teodorescu (Co-Founder)
Team size
~30 employees
Products
Binarly Transparency Platform, Zero Trust SBOM / Dependency Analysis, Binary Risk Hunt, Transparency Platform v3.0 capabilities, Binarly REsearch / Vulnerability disclosures
Notable
Disclosed 300+ high-impact firmware vulnerabilities via Binarly REsearch, Discovered and disclosed PKfail (CVE-2024-8105), an insecure UEFI Secure Boot Platform Key issue spanning 12+ years of shipped firmware, Uncovered critical Supermicro BMC firmware flaws including a signature verification bypass (CVE-2024-10237)

Last updated: