# Binarly: Firmware Security for the Software Supply Chain
Binarly is an AI-powered firmware and software supply chain security company that detects both known and unknown vulnerabilities in firmware, software, and containers before they reach production.[1][2] Founded in 2021 and based in Santa Monica, California, the company serves device manufacturers, OEMs, and enterprise security teams with its flagship Binarly Transparency Platform—an agentless, cloud-agnostic solution that provides visibility into firmware vulnerabilities, malicious code, and software bills of materials (SBOMs) without requiring access to source code.[1][3]
The company addresses a critical gap in cybersecurity: traditional vulnerability scanning tools focus on known threats and often miss the deeper structural weaknesses embedded in binary code. Binarly's approach goes beneath the surface to understand how code executes, identifying entire classes of defects with near-zero false positives.[7] This positions the company at the intersection of two urgent market forces—the exponential rise in firmware-targeted cyberattacks and the increasing regulatory demand for supply chain transparency.
Binarly was founded in 2021 by researchers with decades of experience in hardware and firmware security analysis.[1] Alexander Matrosov, who serves as CEO and Head of Research, is a key figure behind the company's technical direction. The founding team brought deep expertise in program analysis and binary research, translating academic and research knowledge into enterprise-grade security tooling.[6]
The company emerged at a moment when firmware security was largely overlooked in enterprise cybersecurity strategies. While most security investments focused on application and network layers, firmware—the software that runs below the operating system on devices—remained a blind spot for attackers to exploit. Binarly's founders recognized this vulnerability gap and built technology specifically designed to illuminate threats at the firmware level, a layer that had historically received minimal security scrutiny.
Firmware security sits at the intersection of three converging trends. First, cyberattacks on firmware are increasing exponentially due to inadequate security controls at the firmware layer—a vulnerability that affects everything from IoT devices to enterprise servers.[4] Second, regulatory pressure for supply chain transparency is intensifying, with frameworks like the NIST Cybersecurity Framework and emerging government mandates requiring organizations to demonstrate visibility into their software and firmware components. Third, the shift toward zero-trust and defense-in-depth strategies means security teams can no longer ignore the layers below the operating system.
Binarly's timing is particularly strategic. As device manufacturers and enterprises grapple with the complexity of managing firmware across global supply chains, and as regulators demand proof of due diligence, the company provides both the technical capability and the compliance documentation that organizations need. By securing patents for its machine learning innovations and building enterprise-grade tooling, Binarly is helping establish firmware security as a non-negotiable component of modern cybersecurity posture.[6]
The company has attracted investment from credible sources, including Cisco Investments, signaling confidence in both the market opportunity and the technical approach.[4] This backing reflects broader recognition that firmware security is no longer a niche concern but a foundational requirement for enterprise and critical infrastructure protection.
Binarly is positioned to become a standard tool in the firmware security toolkit as enterprises and regulators demand greater visibility into software supply chains. The company's recent patent grants and continued platform enhancements suggest a trajectory toward deeper integration into CI/CD pipelines and development workflows, making firmware security analysis as routine as application testing.
The next phase of growth will likely depend on how effectively Binarly can expand beyond firmware into broader software supply chain security, particularly as containerization and microservices architectures create new attack surfaces. Additionally, as post-quantum cryptography adoption accelerates, Binarly's stated focus on assisting organizations in transitioning to PQC environments could become a significant differentiator.[6]
What makes Binarly compelling is not just the technology, but the timing: they're solving a problem that enterprises are finally willing to invest in, at a moment when regulatory and threat landscapes make firmware security unavoidable.
Binarly has raised $15.0M in total across 2 funding rounds.
Binarly's investors include Acrobator Ventures, Act Venture Capital, AlleyCorp, Blu Venture Investors, Canaan Partners, Cisco Investments, Draper Associates, Founders Fund, Gaingels, K2 Global, KRM Interests LLC, Liquid 2 Ventures.
Most recently, Binarly raised an $11.0M Seed round in March 2024.
| Date | Round | Lead Investors | Other Investors |
|---|---|---|---|
| Mar 1, 2024 | $11.0M Seed | Acrobator Ventures, Act Venture Capital, AlleyCorp, Blu Venture Investors, Canaan Partners, Cisco Investments, Draper Associates, Founders Fund, Gaingels, K2 Global, KRM Interests LLC, Liquid 2 Ventures, Lockheed Martin Ventures, Nexus Venture Partners, Quantum Angels Venture Capital, Scale Asia Ventures, Scalebridge Capital, Stellar Capital, Structure Capital, Two Bear Capital, Valhalla Ventures, WestWave Capital, Sahin Boydas, Stephen Cole | |
| Jun 1, 2022 | $4.0M Seed | Acrobator Ventures, Act Venture Capital, Andreessen Horowitz, Banana Capital, Blu Venture Investors, Browder Capital, Canaan Partners, Cisco Investments, Climate Capital, KRM Interests LLC, Lightspeed Venture Partners, Liquid 2 Ventures, Outrun Ventures, Preface Ventures, Scale Asia Ventures, SNR, Techstars, True Ventures, Two Bear Capital, WestWave Capital, Jeff Chang, Oleg Rogynskyy, Sahil Lavingia, Tom Williams, Vlad Ionescu | |