Protection for Your Most Critical Devices
Firmware in servers, laptops, and networking equipment is the unguarded attack surface of the enterprise. Once compromised, this blind spot allows attackers to subvert traditional security controls, persist undetected indefinitely, or even disable devices completely.
Server Hardware
Protect the bedrock of your data center, including the out-of-band management plane (BMC, IPMI, etc.).
Network Infrastructure
Ensure your routers, switches, and firewalls are free of backdoors and implants.
Corporate Laptops
Protect your high-value users and ensure that devices are not compromised during travel.
Proactively Find and Manage Your Risk
Easily see the state of your critical devices and included hardware components, find areas of weakness, and proactively manage them.
Investigate Firmware and Hardware Assets: Gain full visibility of your devices and their underlying hardware components.
Identify Vulnerabilities and Weaknesses: Find device-level vulnerabilities, misconfigurations, and missing hardware protections.
Find and Update Outdated Firmware: See when any of your firmware is out of date, get the latest version, and deliver the update.
Protection From Firmware-Based Threats
Find today’s most advanced threats and protect your infrastructure before damage is done.
Defend against implants, backdoors, and physical damage
Ensure the integrity of all of your firmware components and root out malicious code.
.
Ensure laptops are not compromised during travel
Ensure devices are not compromised by “evil maid” attacks or similar techniques while out of the office.
.
Discover hardware tampering in the supply chain
Ensure that your new hardware is clean and hasn’t been compromised in the supply chain.
.
The Eclypsium team also provides on-site training in firmware security and threat prevention for organizations looking to build their security skills.
Eclypsium scans each system, including its many subcomponents, in order to collect details about what is present and how it is configured.
This data is then securely processed by the Eclypsium Analytics System to discover firmware-level threats such as implants and backdoors regardless of how they enter your environment.
Device Management and Incident Response
When the next critical issue is reported, will you know which of your systems are affected? Are your systems already running old and vulnerable firmware? If a device is compromised, would you be able to tell if it is has a firmware backdoor that survives reimaging?
Eclypsium identifies and provides visibility into the assets that form the foundation of your infrastructure. A simple scan can reveal model, version, and configuration information for each system, including many subcomponents like UEFI/BIOS firmware, add-in cards, and management controllers, which are ignored by most tools. We proactively find weaknesses in firmware or device settings and alert you to actual integrity changes in the firmware of critical systems and components. Eclypsium continually invests in research into new attacks, and we use this insight to develop mechanisms that enable protection, detection, and response.
Security During Travel
Simple physical attacks against firmware can be performed with less than 4 minutes of physical access to a system. So-called “Evil Maid” attacks can compromise an employee’s laptop with as little as a USB drive. These attacks can occur any time an employee is not in physical control of their devices such as when it is left in a hotel room. How would you even know if such an attack took place?
Eclypsium scans the integrity of firmware and hardware components, and we can alert you about unexpected changes. If your firmware is different when you come back from your trip, we can also tell you exactly where to start investigating.
Eclypsium introduces a new layer of security that defends the enterprise from its computing foundation up. Built on an unparalleled set of industry experience and research, Eclypsium empowers organizations to see and proactively manage risks in their most critical devices, and to stop active threats from device-level implants and backdoors.
Supply Chain Security
Hardware goes through many hands before it ever arrives at your door. Your hardware is vulnerable to physical attacks at any step in the supply chain, and can be compromised even before it is unboxed. How would you know if you received devices with maliciously altered firmware?
Eclypsium helps by comparing the scan results of your system to data collected by similar systems that we have seen before. By alerting you to anomalies, we can help you determine whether you received what was expected.
