Eclypsium Releases Version 4.2, Expanding Network Edge Security, Advanced Threat Detection, and Asset Profile Verification
Portland, OR — December 16, 2025 — Eclypsium, the IT infrastructure supply chain security company protecting critical hardware, firmware, and software infrastructure, today announced the release of Eclypsium 4.2, a major update that strengthens visibility, integrity monitoring, and threat detection across enterprise infrastructure, with a particular focus on critical network edge devices. The update is currently being rolled out to customer environments.
Strengthening Integrity With Asset Profile Verification
To support organizations seeking stronger controls around device baselines, Eclypsium 4.2 introduces Asset Profile Verification. Eclypsium can compare devices across customer environments to an established reference profile. The platform automatically flags deviations from these standards—revealing unexpected hardware, firmware, or software components that may indicate tampering or malicious activity.
Expanded Network Edge Coverage and SBOM Generation
With attackers increasingly targeting routers, firewalls, VPNs, and other network edge appliances, Eclypsium 4.2 extends monitoring and SBOM capabilities to a broader set of platforms, including:
- Arista EOS
- Cisco NX-OS and Cisco IOS-XE devices
- Fortinet FortiOS
- Palo Alto PANOS
The release also expands Eclypsium’s SBOM generation functionality, adding support for the CycloneDX format alongside SPDX and HTML. These additions give security teams more flexibility and detail when managing supply chain risk across network appliances.
New Threat Detections for High-Impact Vulnerabilities and Malware
Eclypsium continues to deliver new threat detection coverage on an ongoing basis, and version 4.2 adds several critical updates:
- BRICKSTORM malware detection, added in response to the F5 breach in which 45 vulnerabilities and BIG-IP source code were exposed.
- HybridPetya ransomware detection, addressing a UEFI-compatible strain capable of bypassing Secure Boot—representing a new class of lower-level ransomware threats.
These new detections join a growing library of device binaries- and hardware-focused intelligence delivered directly through the platform.
The Restaurant at the End of the Press Release
In 2025, Eclypsium analyzed millions of firmware binaries, and scanned hundreds of thousands of endpoints, servers, network devices, and AI servers for known and unknown risks. In conjunction with the release of version 4.2, we are also publishing The Hitch-hacker’s Guide to the Galaxy’s Edge, a fun way to consume the cyber stats of the year from Eclypsium’s research as well as the broader cybersecurity research community.
Some of the highlights of these findings include:
- A single firmware package can contain between 10 and 19,950 individual files
- 3,040 devices were found to still contain the Log4J vulnerability
- A widely used network device firmware package that increased in complexity 10x since 2023
- 269,000 F5 Devices exposed when Security Incident K000154696 was disclosed (ShadowServer foundation)
- The time between disclosure of a vulnerability and exploitation has accelerated from 32 days in 2023 to 5 days in 2025 (Google Cybersecurity Forecast)
The complete Hitch-hacker’s Guide to the Galaxy’s Edge is available on the Eclypsium website.
About Eclypsium
Eclypsium’s cloud-based and on-premises platform provides digital supply chain security for critical software, firmware and hardware in enterprise infrastructure. Eclypsium helps enterprises and government agencies mitigate risks to their infrastructure from complex technology supply chains. The Eclypsium platform is the only supply chain security solution for enterprise hardware and firmware listed on the CDM APL, recognized as an instrumental Asset Management and Network Security Management solution. For more information, visit eclypsium.com.
Eclypsium Media Contact
[email protected]
