Skip to content

Analysis configuration

Summary

Use analysis configurations to enable or disable steps in the analysis process. You can choose which analysis configuration to apply on a firmware either during the upload process or later from the Firmware Info page.

Modify analysis configurations

  1. Click Configuration in the top menu bar and select Analysis Configurations
  2. Create a new configuration by clicking Create new analysis configuration, or edit an existing one by clicking the Edit button.
  3. Activate/deactivate 0-day binary analysis, RTOS firmware detection or both.

Run a configuration

When uploading new firmware

Select a configuration from the Analysis configuration dropdown:

Analysis config

On a previously uploaded firmware

  1. Enter Firmware analysis view by selecting a firmware on your dashboard or in the Firmwares tab.
  2. Select the Firmware Info page.
  3. Click on the Edit button.
  4. Select a configuration from the Analysis configuration dropdown
  5. Rerun the analysis for the new configuration to take effect.

Extended Component Rules

Extended component rules identify software components using fuzzy matching. They complement the existing component detection by searching for:

  1. File names - Matching component names in file paths
  2. Symbol names - Matching component signatures in ELF binary symbols
  3. String contents - Matching component identifiers in binary strings
  4. Version extraction - Extracting version numbers from any of the above
Detection Levels

OFF (Default)

Strict

  • Very strict matching
  • Minimizes false positives but may no find too many extra components
  • Use when: Accuracy is critical and you prefer fewer, higher-confidence detections

Balanced

  • Balanced matching
  • Good trade-off between detection rate and accuracy
  • Use when: You want comprehensive component detection with reasonable confidence

Loose

  • Relaxed matching
  • Finds a high number of components but increases false positive risk
  • Use when: You need exhaustive component discovery and can validate results manually

Enabling extended component rules increases analysis time, especially at looser detection levels.