Eclypsium® Events


Eclypsium actively shares our firmware threat research and security expertise with the broader security community at conferences and events around the world

Webinars and Online Events

Webinar: New Research from Eclypsium

June 30, 2021

Online Event

In this webinar, Eclypsium will share information on multiple new vulnerabilities that our research team has identified in enterprise devices. We will discuss the significant risks this poses to the integrity of these devices, and what steps can be taken to mitigate this threat. Details of the research are presently embargoed and will not be made public until shortly before this webinar.

Register Now >

Webinar: A New Approach to Protecting Network and Unmanaged Devices

June 15, 2021

Online Event

Recent updates to NIST 800-53 and other compliance standards emphasize that cEnterprise IT and security teams today must navigate the risk of a constantly evolving landscape of networking equipment, connected devices, and personal-use employee devices in remote work environments. Many of these devices simply can’t be managed using traditional security tools, with recent studies estimating that up to 90% of enterprise devices can’t support a traditional security agent. What’s a security team to do? Maybe it’s time for a new approach to protecting network appliances and other ‘unmanaged” appliances. 

Register Now>

Webinar: What Auditors Need to Know When Evaluating Firmware Compliance

On Demand

Online Event

Recent updates to NIST 800-53 and other compliance standards emphasize that controls must extend down to firmware and hardware. To keep pace with widespread attacks and new standards, organizations must incorporate firmware security into risk management and compliance processes and address blind spots that have given attackers a new foothold. But what does this mean, and what should you be looking for?

Watch Now>

Webinar: Cook Your Dinner, Don’t Cook Your Devices

May 19, 2021

Online Event

Modern organizations are in the midst of a transformation at the device level, and these changes are having profound impacts to security. No longer defined simply by corporate laptops and servers, enterprises must navigate the risk of a constantly evolving landscape targeting networking equipment, connected devices, personal-use employee devices, medical devices, as well as devices in remote work environments. Many of these devices simply can’t be managed using traditional security tools, with recent studies estimating that up to 90% of enterprise devices can’t support a traditional security agent.

Watch Now>

Webinar: New Developments in Device Security

On Demand

Online Event

A recent Microsoft study says 83% of all businesses have experienced a firmware attack in the past two years. The NIST National Vulnerability Database has shown more than a five-fold increase in firmware vulnerabilities in the last four years. How real is the threat in Q2? Are enterprises taking the right approaches to address it? In this quarterly firmware security threat briefing, Yuriy Bulygin, CEO of Eclypsium, and Scott Scheferman, Principal Cyber Strategist discuss the latest news in firmware and hardware security – from the Microsoft report to the most recent attacks in the wild – and what security leaders can do to defend their organizations.

Watch Now>

Webinar: What you can do to get ahead of the next round of attacks

On Demand

Online Event

According to a recent Microsoft report, 83% of all businesses have experienced a firmware attack in the past two years. Firmware and hardware issues have become one of the most active areas of enterprise security, as organizations struggle to cope with attacks such as the recent Accellion FTA device extortion campaign. Unfortunately, most organizations lack visibility into this critical attack surface. In fact, today the TrickBot malware group has more insight into which devices are vulnerable to UEFI attacks than most security teams.

Watch Now>

Webinar: Threats Below The Surface in High-Risk Devices

On Demand

Online Event

As cybersecurity improves, attackers are seeking new methods to subvert traditional security controls – going below the surface to penetrate vulnerable firmware and hardware components inside today’s servers, laptops and networking equipment. Most organizations lack visibility into this attack surface. In this webinar, you’ll learn what to do about blind spots that allow attackers to subvert traditional security controls and persist undetected, leaving organizations exposed to device tampering, ransomware, and data breaches.

Watch Now >

Webinar: Attackers are Targeting Endpoint Firmware. Are You Ready?

April 9, 2021

Online Event

As enterprise security improves, attackers are seeking new methods to subvert traditional security controls – going below the surface to penetrate vulnerable firmware and hardware components inside today’s servers, laptops and networking equipment. To keep pace, organizations and auditors must incorporate firmware security into risk management and compliance processes and address blind spots that have given attackers a new foothold. You’ll leave this presentation with a checklist for assessing firmware security risk mapped to NIST standards.

Watch Now >


Webinar: APT & Criminal Attackers Converge Below the Surface

March 30, 2021

Online Event

Two alarming trends are unfolding in the 2021 threat landscape. Nation-state and criminal actors are increasingly targeting firmware and new supply chain attacks are unfolding. In this fast-paced webinar, Scott Scheferman, Principal Cyber Strategist at Eclyspium shares the latest developments in the threat landscape from TrickBoot to SUNBURST and Accellion and discusses how attackers will adapt now that these TTPs have been burned. Find out what security teams need to anticipate and prepare for as criminal and Advanced Persistent Threat actors converge on firmware.

Watch Now >

Webinar: Improve Device Security Using The CMMC Framework

On Demand

Online Event

As cybersecurity improves, attackers are seeking new methods to subvert traditional security controls – going below the surface to penetrate vulnerable firmware and hardware components inside today’s servers, laptops and networking equipment. Most organizations lack visibility into this attack surface. They can’t easily see which hardware and firmware components are in their fleet or determine which devices are vulnerable to known threats — much less detect a hidden implant or backdoor. These blind spots allow attackers to subvert traditional security controls and persist undetected, leaving organizations exposed to device tampering, ransomware, and data breaches.

Watch Now>

Webinar: Put Zero Trust in Your Devices

On Demand

Online Event

The recent shift to a remote work environment has created new challenges for many businesses and government institutions with profound impacts on organizational security models. Suddenly, many users are no longer protected by the many layers of security found on-premise in the corporate network. Incorporating security concepts like Zero Trust can be a critical part of securing these remote work environments, which often include a mix of corporate laptops, BYOD devices, and home networking gear. If the integrity of these devices isn’t assured, then it is impossible to assure the safety of the operating systems and other software running on them. Yet for many organizations, device integrity remains a blindspot where Zero Trust principles are not yet applied, and as a result, security is assumed instead of verified.

Watch now >

Webinar: Top Five Threats to Firmware Security

On Demand

As firmware-level threats continue to gain popularity in the wild, security teams need to understand how these threats work and the real-world risks they pose to an organization’s security. In this live briefing, Eclypsium will update you on the latest threats to firmware and hardware that need to be on your radar for 2021. 

Watch Now >

Webinar: Safeguarding Device Integrity in the Supply Chain and Beyond

March 3, 2021

Online Event

As cybersecurity improves, attackers are seeking new methods to subvert While most organizations are accustomed to dealing with external threats such as malware, the technology supply chain itself has rapidly emerged as an important source of risk. Proliferating vulnerabilities at the firmware and hardware level have opened the door for nation-state and ransomware attackers to gain control over laptops, servers, and network devices. Vulnerabilities or compromises in the supply chain can affect devices long before they are delivered and unboxed by the eventual owner, as well as during the update process.

Watch now >

Webinar: Sometimes the Best Place to Escape is Underground

On Demand

Online Event

There are some things that just don’t change. One of them is that criminals look for dark places to evade scrutiny. They lurk where the lights are out and the security guards are missing.

So it is in cyberspace too, where APT and criminal actors are moving down the stack to hide from security teams.

Watch now >

Webinar: Attackers Are Targeting Firmware

January 21, 2021

Online Event

The infamous TrickBot malware has a new module that is targeting firmware. In this webinar, hosted by Carahsoft, learn why firmware threats are so dangerous, what systems are affected by TrickBoot, what it takes to recover, how to tell if your firmware has been compromised and how to protect your organization from a variety of firmware threats.

Watch Now >

Webinar: Assessing Enterprise Firmware Security Risk – 2021

On Demand

Online Event

2020 saw a dramatic increase in firmware level threats, including widespread attacks against VPN devices, newly discovered UEFI implants, and a new TrickBot module scanning for firmware vulnerabilities. And, while analysis of the SolarWinds Orion supply chain SUNBURST campaign is ongoing, multiple threat actors, including those currently suspected in this campaign by public sources, have demonstrated the ability to introduce firmware-based persistence that evades majority endpoint protection or detection as well as traditional host-forensic detection. In this environment, how should CISOs assess their firmware security risk in 2021?

Watch now >

Webinar: Top 5 Threats to Firmware Security

On Demand

Online Event

As firmware-level threats continue to gain popularity in the wild, security teams need to understand how these threats work and the real-world risks they pose to an organization’s security. In this live briefing, Eclypsium will update you on the latest threats to firmware and hardware that need to be on your radar for 2021.

Watch Now >

Webinar: What’s Under The Hood In Your Devices

On Demand

Online Event

How well do you know what’s inside your computer? Today’s laptops and servers are powered by dozens of components with their own complex programming that runs independently of the operating system. Attackers increasingly target vulnerabilities in firmware and hardware, and most organizations lack visibility into this attack surface. In this webinar we’ll explore what manufacturers are doing to improve platform security, what kinds of vulnerabilities attackers are targeting, and what IT and security professionals need to do to protect their devices.

Watch now >

Webinar: Trickbot’s New Trickboot Module Targets Your Firmware

On Demand

Online Event

TrickBot malware now has functionality designed to inspect and potentially target the UEFI/BIOS firmware of targeted systems. TrickBoot makes use of open-source tools to check devices for a vulnerability that can allow Trickbot operators to read, write, or erase the UEFI/BIOS firmware of a device. This new capability targets all Intel-based systems produced in recent years and is one line of code away from bricking any device it finds to be vulnerable. In this webinar, Vitali Kremez, Scott Scheferman, and Jesse Michael provide key insights, implications, and mitigations for one of the biggest discoveries of 2020: Trickboot. 

Watch now >

Webinar – What’s Really Down Under

On Demand

Online Event

Lying below the traditional operating system (Windows, Linux, Mac) is an entire “world down under” ripe for attacking. The firmware and hardware attack surface is diverse and wrought with vulnerabilities that are increasingly being exploited to great effect. Attackers have learned to fly under the radar, dip down underneath the traditional security stack, and persist indefinitely, all while enjoying the omnipotence and flexibility that firmware-level attacks provide. In this webinar, Scott Scheferman, Principal Cyber Strategist at Eclypsium, will share insights from recent attacks that challenge how we think about device security. 

Watch now >

Webinar: Protecting Your Organization From MosaicRegressor and Other UEFI Implants

On Demand

Online Event

The recent discovery of MosaicRegressor spyware is the latest in an ongoing trend of UEFI implants observed in the wild. These threats are particularly powerful because their malicious code runs before and supersedes the operating system, while also allowing the threat to persist within firmware even after a system is re-imaged. The implant code itself is universal and easy to build and the UEFI file system format is largely unmodified by individual OEMs. This creates a relatively low barrier to entry for attackers making it likely we will see this type of capability show up in other campaigns. Learn more in this webinar.

Watch now >

FS-ISAC Fall Summit

October 14-15, 2020

Online Event

Current risk frameworks may not be built to support the radical changes financial institutions are confronting. Members will meet at the FS-ISAC virtual summit this fall to understand the technology trends and emerging paradigms that are shaping information security at financial firms. Eclypsium will present an on-demand session entitled “Put Zero Trust in Your Devices.”

Join us >

NLIT Summit 2020

October 13-16, 2020

Online Event

The NLIT Summit facilitates the exchange of best practices and ideas between IT professionals and providers within the DOE complex to strengthen IT infrastructure and reduce costs within the DOE laboratory system. Eclypsium is a sponsor of this event, and welcomes the opportunity to engage with the DOE labs to protect IT infrastructure down to the firmware and hardware level.

Join us >

Webinar: Down the Rabbit Hole – Attackers Moving Down As We Move Up

On Demand

Online Event

Cyber adversaries are not “sophisticated”, rather they are pragmatic. The endpoint, still the nexus of the cyber problem, is challenging lately for adversaries to evade detection and persist at the operating system level due to advances in AI/ML, EDR, and threat intelligence. This talk exposes the reasons why attackers are going further down the rabbit hole in order to gain footholds and persist below the surface of the rest of the entire security stack.

Watch now >

Webinar: Mitigating Device Security Risks in Data Centers, Remote Use and Supply Chains

ON DEMAND

Online

Join this ISE® Fireside Webinar featuring Eclypsium CEO, Yuriy Bulygin, and a CISO panel for a discussion of best practices for CISOs and their security teams to mitigate security risks targeting the device integrity of data center environments, remote users and supply chains.

Watch now >

Webinar: Detecting & Defeating Persistent Attacks

ON DEMAND

Online

Is your organization equipped to detect and defeat firmware attacks? Eclypsium’s Ron Talwalkar and Jesse Michael describe how such attacks can persist undetected by traditional security solutions, surviving operating system reinstalls and even hard drive replacement. Learn about vulnerabilities that can leave you open to attack, and see how Eclypsium can help you detect and defend against them.

Watch Now >

Webinar: Best Practices for Firmware Updates

ON DEMAND

Online

A disciplined process of firmware updates is an essential element of good cybersecurity hygiene but can be challenging for many enterprises. Eclypsium’s John Loucaides and Steve Mancini provide IT and security leaders with insights into firmware update management and guidance on best practices. 

Watch now >

Past Events

Staying Alert: What Gets You Up in the Morning? Coffee, Duh!

May 25, 2021

Online Event

During this exclusive round table discussion with your peers, we’ll talk through cybersecurity pain points that keep you up at night, while we all participate in the coffee brewing experience. Coffee expert Patrick O’Malley will guide you through the brewing process. With over 30 years of experience working in the coffee industry around the world, Patrick will share a coffee tasting menu that will make you feel like a roast master! You will walk away with a truly special coffee experience, eye-opening while engaging with like-minded people. 

AZ Tech Council: 2021 Virtual Cybersecurity Summit

May 6, 2021

Online Event

The Cybersecurity Summit provides an opportunity for government and business leaders to learn about the threats, vulnerabilities and consequences related to data security and privacy matters. Join these great Arizona organizations for this educational summit that provides actionable solutions, as numerous AZTC and ACTRA member organizations virtually showcase their available resources, products and services geared toward helping protect your intellectual property and customer data. There will be panel discussions, keynote speaker, sponsor, and other exceptional presentations. 

Watch the Recording >

ISACA National Conference

May 4 – May 6, 2021

Online Event

In the past year APT and ransomware threat actors targeted enterprise VPNs en masse, the widespread BootHole vulnerability put virtually all Windows and Linux devices at risk for bootkits, TrickBot added firmware-specific capabilities and the Sunburst attack exposed pervasive risks in the technology supply chain. To keep pace, organizations and auditors must incorporate firmware security into risk management and compliance processes and address blind spots that have given attackers a new foothold. You’ll leave this presentation with a checklist for assessing firmware security risk mapped to NIST standards.

Staying Alert: What Keeps You Up At Night? Coffee, Duh!

April 22, 2021

Online Event

During this exclusive round table discussion with your peers, we’ll talk through cybersecurity pain points that keep you up at night, while we all participate in the coffee brewing experience. Coffee expert Patrick O’Malley will guide you through the brewing process. With over 30 years of experience working in the coffee industry around the world, Patrick will share a coffee tasting menu that will make you feel like a roast master! You will walk away with a truly special coffee experience, eye-opening while engaging with like-minded people. 

Webinar: Assuring Device Integrity

April 6, 2020

Online Event

Compromises in cyber supply chains are putting financial organizations at risk. Proliferating vulnerabilities at the firmware and hardware level have opened the door for nation state and ransomware attackers to gain control over laptops, servers and network devices. In this FS-ISAC webinar, you’ll learn what you can do today to begin verifying device integrity in the supply chain and in operational use, and what’s coming down the road in the NIST Supply Chain Assurance project.

Exclusively available to FS-ISAC members >


FCW Workshop – Managing Supply Chain Security

January 19, 2021

Online Event

The global information technology supply chain has been hit with a growing and unprecedented number of attacks as adversaries attempt to compromise systems with various forms of malware in an attempt to steal or compromise or hold for ransom sensitive information. Join us at this virtual workshop on supply chain security hosted by FCW, featuring speakers from NIST and CISA. John Loucaides, VP of Research and Development at Eclypsium, will give a talk on Assuring Device Integrity in the Supply Chain and Beyond, at 10:40 AM ET.

Join us >

Security Weekly Unlocked

December 10, 2020

Online Event >

Security Weekly’s Paul Asadoorian interviews Eclypsium’s John Loucaides about TrickBoot, a newly discovered TrickBot malware module that is targeting UEFI firmware. Learn why this threat is so dangerous, what systems are affected, and how you can protect your enterprise in this video, recorded at Security Weekly Unlocked in December.

Watch video – TrickBot is After Your Firmware >

Get access to the full Security Weekly Unlocked event on-demand >

SANS Cyber Solutions Fest

October 8-9, 2020

Online event

This action packed 2-day virtual event brings together an ensemble of security professionals, solution providers, gurus and experts ready to share the latest developments and innovative technologies in the cybersecurity industry. Eclypsium’s John Loucaides will lead a Tech Talk exploring how you can get visibility into – and protect – the firmware and hardware that attackers are targeting in 2020.

Join us >

CISO Forum

September 23-24, 2020

Online

SecurityWeek’s prestigious CISO Forum focuses on information security leadership and strategy. This year’s event take place online and is sponsored by Eclypsium. Reserve your spot now to hear Eclypsium Principal Cyber Strategist Scott Scheferman’s talk on “The New Endpoint Challenge – Cracks in the Foundation” and stop by our online booth to chat with our technical team.

Join us at the CISO Forum >

Virtual Air Space Cyber Conference

September 14-16, 2020

Online

The Air Force Association’s virtual Air, Space & Cyber Conference (vASC) is the premier event for defense and aerospace professionals. Eclypsium is a sponsor of this conference which provides Airmen, Space Professionals, and industry leaders direct insights into the plans, policies and vision of Air Force and Space Force leadership, and emerging trends and developments in aerospace and cyber technology. Request a meeting to see Eclypsium’s comprehensive device security platform designed for tough DoD environments.

Join us at the vASC conference >

Webinar: Exploring the BootHole Vulnerability

On Demand

Online Event


The BootHole vulnerability, disclosed by Eclypsium researchers Mickey Shkatov and Jesse Michael in July, exposes billions of devices to attack. The vulnerability they discovered in the GRUB bootloader can be used to gain arbitrary code execution during the boot process even when Secure Boot is enabled. This can allow attackers to install persistent and stealthy bootkits, rootkits, or malicious bootloaders that would provide full control over the victim device.

Watch now >

How Much Trust Can You Put In Your Devices? A Conversation For The Financial Industry

August 13, 2020

Online

Join T.E.N. and Eclypsium on August 13th at 5:30 pm ET for this exclusive virtual ISE® Cocktails & Conversations where we will discuss “How Much Trust Can You Put in Your Devices? A Conversation for the Financial Industry.”

To attend, please email djones@ten-inc.com

DEF CON 28 SAFE MODE

August 6-9, 2020

Online

Eclypsium Principal Researchers Mickey Shkatov and Jesse Michael will present “Bytes in Disguise” at DEF CON 28 SAFE MODE.

Non-Volatile Memory. EVERY computer has it, from the chip that stores your BIOS to the controller that runs your laptop trackpad and even your new USB-C monitor. These small nooks of storage can be (ab)used by anyone to store data or code without causing any side effects and none would be the wiser. Mickey and Jesse will show you more than one example of how this is possible, walk through how to do it, and what can be done to detect and lock down systems.

Their presentation will be available on Sunday, August 9th, and you can join them for a live Q&A online at 10:30 AM. Details here >

ESW Interviews John Loucaides on #BootHoleVulnerability

August 5, 2020

Online

Paul Asadoorian and the crew of Enterprise Security Weekly dive deep into the #BootHoleVulnerability with Eclypsium’s John Loucaides in this special “Hacker Summer Camp” edition of the ESW podcast.

Watch the video >

Webinar: Managing the Hole in Secure Boot

On Demand

Online

Eclypsium researchers have discovered an arbitrary code execution vulnerability – dubbed BootHole – in the GRUB2 bootloader that can bypass UEFI and OS Secure Boot, impacting other OS defenses. Attackers exploiting this vulnerability can install persistent and stealthy bootkits or malicious bootloaders that could give them near-total control over the victim device. The majority of laptops, desktops, servers and workstations are affected, as well as network appliances and other special purpose equipment used in industrial, healthcare, financial and other industries.

In this webinar Yuriy Bulygin, CEO and John Loucaides, VP of Research and Development at Eclypsium, will provide a briefing on the key issues enterprise IT and security leaders need to know in order to effectively mitigate this issue.

Watch Now >

Webinar: Put Zero Trust in Your Devices

July 28, 2020

On Demand

In today’s remote work environment, where users are no longer protected by the many layers of security found on-premise in the corporate network, organizations must consider how to adapt core security concepts like Zero Trust to cover corporate laptops, BYOD devices and home networking gear. Yet for many organizations, device integrity remains a blindspot where Zero Trust principles are not yet applied, and as a result, security is assumed instead of verified.

In this webinar we discuss how much trust you can put in your devices and what organizations can do to assess and verify device integrity down to the firmware and hardware level.

Watch Now >

Webinar: Improve Device Security Using the CMMC Framework

On Demand

Online


Build device security into your overall cybersecurity plan with simple steps that help you progress from basic cyber hygiene to preventing advanced persistent threats using the Cybersecurity Maturity Model Certification (CMMC) framework as a guideline. John Loucaides, VP of R&D at Eclypsium, will share insights on how attackers compromise device integrity and how you can defeat them by designing device security into your cybersecurity practices.

Watch Now >

InfoSec World Digital

June 22 – 24, 2020

Online

For over 25 years InfoSec World has been the “business of security” conference. To manage today’s threats, security practitioners must have the skills to be both a business partner and enabler, and have the technical expertise to prevent, detect and respond to security challenges. At this year’s InfoSec World Digital, Eclypsium’s John Loucaides presented “Hacking Firmware: The Unprotected Attack Surface of the Enterprise.” Meet John, and the rest of the Eclypsium team at our online booth.

Contact us to schedule a meeting >

Virtual Event: FS-ISAC Spring Summit

On Demand

Online

The financial services industry is evolving its business models to serve its customers and employees in a world where digitization is no longer an option. In this new era, where not only customers but also employees must adjust to operating virtually nearly overnight, cyber criminals are seeing endless opportunity. Eclypsium CEO, Yuriy Bulygin, spoke live at this FS-ISAC event, on “The Anatomy of a Firmware Attack”.

View Yuriy’s Talk (FS-ISAC members only) >

Webinar: Protecting Device Integrity in the Supply Chain

On Demand

Online

How is your organization addressing risks to device integrity in the technology supply chain? In this panel discussion, experts from TAG Cyber, Johns Hopkins, NIST and Eclypsium explore how to improve visibility into your device supply chain and protect your organization from cybersecurity threats targeting vulnerabilities and weak points.

Watch now >

i-4 Forum 99

March 9-11, 2020

Orlando, FL

Alex Bazhaniuk, CTO & Co-Founder of Eclypsium, will join Sergej Epp, Chief Security Officer, Palo Alto Networks, for a discussion on Incident Response and Red Teaming at the International Information Integrity Institute forum on Monday, March 9.

Contact us to schedule a meeting >

Webinar: Anatomy of a Firmware Attack

ON DEMAND

Online


Explore the techniques of successful firmware attacks as they apply to stages of a kill chain in this Eclypsium webinar designed to help you assess and defend enterprise devices from firmware and hardware threats.

Watch now>

RSA 2020

February 24-28, 2020

San Francisco, CA

Join top cybersecurity leaders and a dedicated community of peers at RSA 2020 as we exchange the biggest, boldest ideas that will help propel the industry forward. Firmware security will be a hot topic. To learn more, visit Eclypsium at booth 29 in the Early Stage Expo at Moscone South, Tuesday evening and all day Wednesday and Thursday.

Contact us to schedule a meeting >

Webinar: Perilous Peripherals

ON DEMAND

Online

Eclypsium researchers Jesse Michael and Rick Altherr will describe new research showing how unsigned firmware in WiFi adapters, USB hubs, trackpads, laptop cameras and network interface cards provides pathways for malicious attackers to compromise laptops and servers.

Watch now >

Webinar: How Direct Memory Access Attacks Bypass Hardware Protections

ON DEMAND

Online

New research from Eclypsium shows that high-speed DMA attacks can bypass built-in hardware protections on enterprise devices. Jesse Michael and Mickey Shkatov describe their research, and discuss the ramifications for enterprise security.

Watch now>

SANS Cyber Defense Initiative

December 10-17, 2019

Washington, DC

Sharpen your defenses with this week of cyber security training put on by SANS. Then on Friday, December 13th, join Eclypsium at the vendor solutions exposition to see to a demonstration on how to defend the unprotected firmware and hardware layer of the enterprise – including laptops, servers, and networking infrastructure.

Contact us to schedule a meeting >

FS-ISAC Fall Summit

November 17-20, 2019

Washington, DC

Information security leaders from the financial sector will come together for three days of thought-provoking and interactive sessions at this fall’s FS-ISAC Americas Summit. Eclypsium’s CEO, Yuriy Bulygin will give a talk on “Firmware: The Unprotected Attack Surface” on Tuesday Nov 19th, and we’re hosting a special reception that evening.

Contact us to schedule a meeting >

Webinar: Screwed Drivers

On demand

Online

A common design flaw uncovered in drivers from 20 vendors allows widespread Windows compromise. In this webinar, Eclypsium researchers Jesse Michael and Mickey Shaktov take you behind the scenes to show how and why this happened, and disclose the latest updates to their research.

Watch now >

ToorCon

November 8-10, 2019

San Diego, CA

ToorCon is changing it up this year with a Red-Day, a Blue-Day and a Fun-Day. Eclypsium’s Alex Ivkin is a Blue-Day speaker. His talk, “Down the sinkhole with Kubernetes” will be at noon on November 8th. Don’t miss it!

Learn more about ToorCon >

SINET Showcase

November 6-7, 2019

Washington, DC

SINET Showcase provides a platform to identify and highlight “best-of-class” security companies that are addressing the most pressing needs and requirements in Cybersecurity. Don’t miss the panel discussion on “Trust but Verify Firmware in the Supply Chain”, featuring Gene Casady of Global Payments, Kevin Nally of the US Secret Service, Steve Orrin of Intel, Chad Sweet of The Chertoff Group and Eclypsium CEO Yuriy Bulygin.

Contact us to schedule a meeting >

PacSec 2019

November 6-7, 2019

Tokyo, Japan

To address the increasing importance of information security in Japan, the best known figures in the international security industry will get together with leading Japanese researchers to share best practices and technology at PacSec in Tokyo this November. Eclypsium researchers Jesse Michael and Mickey Shaktov will present “Get Off The Kernel If You Can’t Drive” – showing how common drivers can be used to compromise the security of the platform.

Contact us to schedule a meeting >

BSides Portland

October 25-26, 2019

Portland, OR

Eclypsium is sponsoring BSides PDX, a gathering of the most interesting infosec minds in Portland and the Pacific Northwest! Several of our Oregon team members will be in attendance – be sure to connect. And don’t miss our own Alex Ivkin’s talk, “Argghh, yer kubernetes be now a shark bait!” Saturday at 12:30 PM.

See the video of Alex’s talk >

Virus Bulletin

October 2-4, 2019

London, England

In its 29th year, the annual Virus Bulletin International Conference (VB2019) is one of the most international threat intelligence events of the year, focusing on the sharing of intelligence between researchers and analysts, product managers and CISOs from around the world. Together with Intel, Eclypsium will showcase advanced firmware attack detection technology.

Learn more about Virus Bulletin >

Platform Security Summit

Oct 1-3, 2019

Redmond, WA

PSEC 2019 brings together security architects, researchers and developers from the ecosystems of hyperscalers, service operators, product vendors, academia and open-source. Eclypsium’s John Loucaides will speak on “The Tragedy of the Commons in Platform Security” – that a single vulnerability or failure at the platform level breaks years of investment and progress in security.

Watch John’s presentation >

Ekoparty

September 25-27, 2019

Buenos Aires, Argentina

This annual security conference brings together specialists in the field from around the world for training, talks, games, challenges and much more. Eclypsium’s Daniel Gutson and Mauricio Sanfilippo will lead a workshop on Reverse Mathematics showcasing a new technique for detecting vulnerabilities. Daniel, together with Erik Ccanto and Juan Melquiot are also leading a workshop on Frida LangGo, dynamically reversing and implementing applications made in Go to spy on sensitive information.

Learn more about Ekoparty >

CISO FORUM

September 24-26, 2019

Half Moon Bay, California

SecurityWeek’s invitation-only 2019 CISO Forum, presented by Intel, brings together security leaders to discuss, share and learn information security strategies. Eclypsium CEO, Yuriy Bulygin, will take part in a panel discussion on “Assessing Security in the Hardware Supply Chain.”

Learn more about CISO Forum >

Open Source Firmware Conference

September 3-6, 2019

Sunnyvale, CA

This year’s Open Source Firmware Conference will feature more than 40 presentations over four days, and include an entire track on firmware security as well as a hackathon. Eclypsium’s Rick Altherr will present a comprehensive threat model for BMCs along with methodologies, practices, and techniques that can be used to avoid these common security mistakes.

Download Rick’s presentation >

DEF CON 27

August 8-11, 2019

Las Vegas, NV

DEF CON is the largest sponsor free hacking conference. You have to earn your speaking spot by impressing the CFP review team – and we’re pleased to report that Eclypsium researchers Jesse Michael and Mickey Shaktov made the grade. They will present “Get off the Kernel if you can’t Drive” on Saturday, August 10 at 15:00. Don’t miss it!

Read Eclypsium’s DEF CON presentation

Black Hat

August 7-8, 2019

Las Vegas, NV

Now in its 22nd year, Black Hat USA is the world’s leading information security event, providing attendees with the very latest in research, development and trends. See a demonstration of the Eclypsium firmware protection platform at booth #IC2109, or contact us to schedule a private meeting.

Contact us to schedule a meeting >

RSA 2019

March 4-7, 2019

San Francisco, CA

The RSA Conference brings together top cybersecurity leaders and a dedicated community of peers to exchange the biggest, boldest ideas that will help propel the industry forward. Eclypsium is honored to have been named a Top 10 Finalist in the 2019 RSA Innovation Sandbox. Catch CEO Yuriy Bulygin’s presentation live on March 4th, or see a demonstration of our newly released firmware protection platform at our booth in the Early Stage Expo.

Watch the video of Yuriy’s presentation