Patent attributes
Provided are methods and systems for evaluating security of firmware. An example method may include acquiring a firmware image of firmware associated with at least one computing device. The method may include extracting at least one component of the firmware image. The method may include analyzing the component to detect at least one vulnerability of the firmware. The method may also include estimating, based on the at least one vulnerability, a security risk level of the firmware. The method may further include providing a report regarding the security risk level and the at least one vulnerability of the firmware. The analysis may include determining that the component matches a specific file or contains a specific string or a specific pattern. The analysis may include detection of a cryptographic key or password hash in the component and determining a level of weakness of the password hash.
