Security & Trust
FDIE analyzes some of the most sensitive assets your company owns - your firmware. Here’s exactly how we protect it, and how we built the engine underneath it.
Last updated: July 6, 2026
How your data is protected.
Encryption at rest & in transit
All traffic to the FDIE platform is encrypted in transit via TLS, terminated at our edge and enforced end-to-end to our origin infrastructure. Database connections require TLS as well. Secrets and database credentials are never hardcoded - they are issued dynamically, short-lived, and automatically rotated through a dedicated secrets management system. Firmware images and analysis results are encrypted at rest on our infrastructure providers' managed storage.
Multi-tenant data isolation
Every firmware image, analysis result, and report is scoped to your organization. FDIE’s data model enforces org-level isolation at the database layer - your data is never visible to other tenants.
RBAC & audit logging
Role-based access control governs who can upload firmware, view results, or export reports. Every sensitive action - uploads, exports, user and role changes - is recorded in an audit log.
SSO / SAML (Enterprise)
Enterprise plans support SSO via SAML, so your team signs in with the identity provider you already use - and offboarding is handled centrally.
What FDIE is built on - and under which licenses.
Quick definition: Every component of FDIE's analysis pipeline is built and maintained in-house. No third-party analysis frameworks, no external tools required at runtime. We publish our engine stack and provide a full SBOM of FDIE itself on request.
| Component | License | Role in FDIE |
|---|---|---|
| In-house extraction engine | Proprietary | Unpacks firmware images and filesystems across 15+ formats |
| In-house control-flow & decryption engine | Proprietary | Resolves encrypted partitions and analyzes binary control flow |
| In-house binary parsing engine | Proprietary | Parses executable and library formats for component identification |
We publish our engine stack and provide a full SBOM of FDIE itself on request - the same standard we hold your firmware to.
Auditable accuracy, not a marketing number.
FDIE uses static binary analysis, pattern matching, and CVE database lookups. No machine learning, no probabilistic scoring. Run the same firmware twice and you get identical output. Every finding traces back to a specific binary, line, or configuration value you can verify yourself.
Deterministic
AI black boxes
Two of the biggest noise sources in firmware scanners, context-free high-entropy secrets and crypto-constant signatures, are suppressed by design.
You control how long we keep your data.
Firmware images and analysis results are retained for as long as your account is active, or per your plan's configured retention window. You can request deletion of your firmware images, analysis history, and account data at any time. For full details, see our Privacy Policy.
Where we are today
We'll update this page as certifications complete. In the meantime, this Security & Trust page documents our current architecture and controls in detail.
Who we share data with.
We use a small number of sub-processors to operate FDIE. Each is bound by a data processing agreement consistent with our own commitments.
| Sub-processor | Purpose | Location |
|---|---|---|
| Cloud infrastructure provider | Application and data hosting | India (default; data residency available on Enterprise on-prem) |
| Email service provider | Transactional email delivery | USA |
| Dodo Payments | Billing and invoicing | India |
Found a security issue?
We take vulnerability reports seriously and welcome reports from security researchers. Email us at [email protected] with details and reproduction steps - we'll acknowledge your report and keep you updated as we investigate.
Read our full Responsible Disclosure Policy for scope and ground rules, and see who we've credited so far on our Hall of Fame.
Questions about our security architecture?
Talk to our team directly - we're happy to walk through our architecture with your security or procurement reviewers.