Apply security early in your product, application or system development life cycle with automated security and compliance testing
During the development phase, binary code analysis and vulnerability detection can help connected device stakeholders prevent attacks, speed up security and compliance checks of third-party, open-source components and their own implementations for faster time to market. In the operational phase, vulnerability monitoring and management can help connected device stakeholders prevent attacks and maintain their device’s security posture by tracking and remediating vulnerabilities as they emerge.
Benefits for connected device stakeholders
Connected device stakeholders face increasingly sophisticated cybersecurity challenges in today’s highly connected world. Leverage our Binary Check solution to help you.
Easily generate a Software Bill of Materials (SBOM)
Detect and manage known, unknown vulnerabilities in your own or third-party firmware, application, or system implementations for faster remediation
Obtain a security compliance readiness analysis on industry-leading standards, including ISO/SAE 21434, UNECE W.29, IEC 62443-4-1, IEC 62443-4-2, and ETSI 303 645
Gain clarity on where you stand and what you need to improve on
What is UL Solutions’ Binary Check solution?
Binary Check is a solution providing self-service binary code analysis and vulnerability management to device manufacturers, suppliers, and system integrators for firmware, applications, systems in development and in the field. The following assessments can be performed:
- Software Composition Analysis (SCA) and Software Bill of Materials (SBOM) Generation
- Common Vulnerabilities and Exposures (CVEs)
- Unknown vulnerabilities (zero-day vulnerabilities)
- Security compliance readiness analysis with supported standards and guidelines across verticals including UL Solutions' IoT Security Rating, ETSI 303 645, ISO/SAE 21434, IEC 62443 4-2, and more
What is the process?
Product security and development teams can self-register on the SafeCyber™ platform and choose a service plan with a dedicated number of credits based on their needs.
- Create a SafeCyber account
- Go to the SafeCyber Marketplace, click “Learn More” under Binary Check
- Choose an annual subscription plan (see below)
- After your order is processed, get access to the solution and start scanning binaries
Annual subscription plans
Customers can choose among the following annual subscription plans. Each plan has credits allowing customers to perform several assessments mentioned above based on their needs.
| Standard | Pro | Premium | Enterprise | |
|---|---|---|---|---|
| Number of credits | Up to 10 credits per month |
Up to 25 credits per month |
Up to 50 credits per month |
More than 50 credits per month |
| Vulnerability management | Yes | Yes | Yes | Yes |
| Continuous vulnerability monitoring | Yes | Yes | Yes | Yes |
| Jira integration | Yes | Yes | Yes | Yes |
Scans and assessments
| Scans and assessments | Cost |
|---|---|
| Software Composition Analysis (SCA) + SBOM Generation (for 1 binary package) Common Vulnerabilities and Exposures (CVEs) |
3 credits |
| Zero-Days | 1 credit |
| Compliance Readiness | 1 credit |
Subscription T&Cs
- Subscription plans are billed annually.
- Monthly credits accrue on the first of each month, credits can accumulate during the twelve (12) month subscription, and credits may be used until the last day of the twelve (12) month subscription. Credits are only valid during the twelve (12) month subscription term and expire after the annual subscription term ends.
- Additional credits can be purchased outside of subscription plans by bundles of five (5) credits.
Use of credits:
-
Software composition analysis and SBOM Generation credits can only be applied to one binary package.
-
One zero-day assessment credit can only be applied to one binary package.
-
Credits for one binary package are used once per annual subscription for continuous monitoring and detection of vulnerabilities during the annual subscription term.
-
Compliance readiness assessment credits are only applicable to binary packages for which Software Composition Analysis, SBOM Generation, CVEs and zero-day assessments have been done.
-
Several compliance readiness assessment credits can be applied on one binary package
Industry-specific standards supported
| Industry | Standards |
|---|---|
| General security |
|
| Secure coding |
|
| Legal and privacy |
|
| Consumer IoT |
|
| Automotive standards |
|
| Automotive best practices |
|
| Medical device guidance |
|
| Industrial IoT |
|
Download a Binary Check fact sheet
Binary Check is for product security and development teams at device manufacturers, suppliers or system integrators developing connected products and looking to speed up firmware, application or system development turnaround time while addressing vulnerabilities and ensuring security and compliance readiness with the latest standards and regulations.
Start applying security early in your product, application or system development with Binary Check today
Have more questions about Binary Check? Explore our Technical Guide and FAQs.
Explore SafeCyber solutions
SafeCyber
UL Solutions’ new security and compliance life cycle management platform for connected devices
Maturity Path™
Secure development life cycle maturity and process certification readiness assessments
