SPECS
Eclypsium Specs, Coverage, and Capabilities
Eclypsium’s Supply Chain Security Platform offers several unique, quantifiable capabilities that enhance the security of enterprise IT infrastructures:
1. Comprehensive Device Monitoring and Remediation: The platform continuously monitors and manages a wide array of network and endpoint devices, firmwares, and components. Eclypsium has a unique database of over 12 million known good firmware hashes, enabling comprehensive supply chain verification across a wide range of assets. including:
- Network and wireless firmware
- Graphics firmware
- Storage firmware
- Server management component firmware (e.g., BMC, iLO, iDRAC)
- PC management (e.g., Intel Management Engine)
- Security components and firmware (e.g., TPM, AMD Platform Security Processor)
- Peripheral devices (e.g., microcode, expansion firmware) This extensive coverage ensures that all critical components are consistently assessed and secured.
We are continuously adding new support for hardware and components to our platform. For a list of specific hardware, firmware, network devices, and components that Eclypsium can monitor and protect, please reach out to our team.
2. Software Bill of Materials (SBOM) Generation: Eclypsium generates an SBOM for each component and system code within enterprise devices. This capability allows organizations to:
- Discover and monitor firmware components and compare what you have with what the vendor says should be there, to assure no tampering has occurred in your supply chain.
- Proactively identify known threats such as implants, backdoors, and malware
- Establish baselines to detect unauthorized changes and unknown threats By providing detailed visibility into the components and dependencies of devices, the platform enhances the organization’s ability to manage and mitigate supply chain risks.
3. Vulnerability Management and Patch Deployment: The platform enables organizations to:
- Remediate vulnerabilities directly through the Eclypsium console or via API
- Download and install firmware updates automatically.
- Address issues specific to various manufacturers and models. This functionality ensures that devices are kept up-to-date and protected against known vulnerabilities.
4. Detection and Response to Supply Chain Threats: Eclypsium employs mechanisms to detect indicators of compromise, including:
- Monitoring for deviations from established baselines
- Verifying integrity and detecting unexpected modifications indicating tampering or a compromised supply chain.
- Identifying signs of exploitation in the environment. These capabilities enable rapid response to emerging threats hidden deep in the foundations of IT infrastructure that are not monitored by EDR or scanned by traditional Vulnerability Management tools, enhancing the organization’s security posture.
5. Integration and Deployment Flexibility: The platform offers:
- A powerful REST API for integrations with fleet deployment, intelligence feeds, system access, authentication, and security operations tooling
- Deployment options including a cloud-based service and on-premises installations. This flexibility allows organizations to tailor the platform to their specific infrastructure and operational requirements.
For more information on integrations and deployment options, please reach out to our team.
These capabilities collectively provide a robust framework for securing the foundational components of enterprise IT infrastructures, addressing vulnerabilities that traditional security solutions may overlook.
