Firmware IQ
Firmware IQ is a commercial security analysis platform Dr. Martin designed and led development of at Harbor Labs. Customers use the system to assess the security posture of embedded device firmware, container images, and virtual machine appliances before deployment.
The platform accepts images through a web-based portal, unpacks them into constituent components, and performs over 100 automated security checks. These include identification of known vulnerable software components cross-referenced against NIST’s National Vulnerability Database, detection of insecure configurations and hardcoded credentials, and auditing of cryptographic implementations to identify flaws in how cryptographic algorithms are deployed — weak key generation, improper use of initialization vectors, use of deprecated ciphers, and similar implementation-level issues that are distinct from algorithmic weaknesses.
The engine handles a wide range of firmware formats from different embedded device manufacturers as well as container and virtual machine image formats, enabling organizations to scan their entire deployment infrastructure for known vulnerabilities and cryptographic weaknesses at scale.