Large enterprises in industries such as automotive and financial services are typically not tech-driven. Instead, they rely on technology to drive their own portfolio of products. Take, for example, an automotive company that manufactures cars. In many cases, the company doesn’t create the technology embedded in those cars, such as GPS, Bluetooth, and heads-up displays. Instead, it procures a large portfolio of applications from vendors and contractors to make these technologies work. But just because the car manufacturer didn’t create the software doesn’t mean they’re not on the hook for it once they install it in their cars.
Typically, you don’t have access to the source code for third-party applications, even once you bring them in-house. Or you might be analyzing the health of the software as part of a buy cycle or security review before you purchase it. As we know, it’s highly likely that the application contains open source. In these situations, you need a binary code analysis tool to help you vet purchased software. After all, no one wants to be in a car that gets remotely hacked because of a vulnerable piece of software.