Eclypsium is the only scalable enterprise device security platform that protects you from threats to devices down to the firmware and hardware level.
THE ECLYPSIUM PLATFORM
Eclypsium provides a new layer of security to defend the unprotected firmware and hardware layer of the enterprise - including laptops, servers, and networking infrastructure. Modern attackers know that traditional security tools lack visibility into firmware both at the system level and within hardware components, and are increasingly using firmware implants and backdoors to bypass security controls, persist and disrupt an organization's infrastructure. Eclypsium closes this gap by finding and mitigating the weaknesses and threats in firmware that traditional security misses.
DEVICE SECURITY BENEFITS
Go below the surface to defend against firmware threats and vulnerabilities that traditional security can’t see.
REDUCE HIDDEN DEVICE RISKS
99% of enterprise devices have known firmware vulnerabilities or security misconfigurations and over 80% have outdated firmware. Eclypsium helps you easily find weaknesses in your system and dozens of underlying hardware components.
FIND THREATS YOU’VE BEEN MISSING
Threats such as implants at the firmware layer let attackers subvert traditional security and persist within your environment. The Eclypsium platform enables you to find known and unknown firmware threats immediately and mitigate damage before it’s too late.
PROACTIVELY VERIFY YOUR SUPPLY CHAIN
Your hardware is comprised of numerous underlying components from many different suppliers, and passes through many hands before delivery. With Eclypsium you can proactively test new hardware to find hidden weaknesses and ensure your systems haven’t been tampered with.
BREAK THE CYCLE OF RE-INFECTION
Threats hide within firmware to persist and re-infect the device even after the system is completely re-imaged. Eclypsium breaks this cycle by finding hidden implants and ensuring all firmware is clean before returning a device to active use.
SAVE TIME AND EFFORT
Eclypsium automates and unifies device security across a variety of types of devices, vendors, and disciplines including risk management, threat detection and incident response.
YOUR BUILT-IN FIRMWARE EXPERT
Security skills are in high demand, and firmware security skills are some of the rarest of all. Eclypsium automates some of the most challenging work in security today, and industry-leading research protects you from the latest vulnerabilities and threats.
ECLYPSIUM PRODUCT FEATURES
Unlike traditional software, firmware should remain predictable and in “known good” states. The Eclypsium Cloud Platform checks firmware against millions of firmware hashes across dozens of enterprise hardware vendors to identify changes to baselines, find outdated firmware and expose tampering.
Schedule regular scans or perform ad-hoc scans of devices for firmware vulnerabilities, outdated versions, hardware misconfigurations, and missing protections. Based on scan results take actions such as applying updates or quarantining devices.
Detect and alert on threats such as hardware implants, backdoors and rootkits. Leverage IOCs, static, behavioral, and heuristic analysis to find known or unknown threats or changes to firmware integrity.
Maintain a complete view of your entire environment or focus on a specific group of devices, with insight into firmware and components so that you know your security posture at all times.
Gain visibility into weaknesses and threats during device operations, IR & forensics, and during remote use and high risk travel to detect risks associated with hardware profile changes, tampering and compromise.
Detailed analysis & reporting of any firmware image enables digital forensics to gather evidence to investigate the context of any attack as well as identifying and limiting the exposure of a breach, as part of a complete incident response playbook.
Eclypsium accelerates patching and update efforts, enabling staff to address weaknesses and save time. When threats are encountered, the platform can prevent damage, and robust APIs enable automated orchestration efforts such as quarantine of affected devices.
DEVICE SECURITY USE CASES
Your hardware is vulnerable to physical attacks at any step in the supply chain, and can be compromised even before it is unboxed.
Eclypsium scans your new devices to ensure the firmware matches known good versions of vendor firmware, that device integrity has not been compromised, and that the device is free from threats.
Learn More >
Devices can be compromised at any time due to misconfigurations, malware, and even malicious updates.
Eclypsium monitors your deployed devices whether in your network or during travel to identify new weaknesses, vulnerabilities, and threats.
Learn More >
Regular vulnerability scanning and patching is a bedrock principle of good security practice. However, too often this process stops at the application and OS level, leaving vulnerabilities in firmware and hardware unseen, unpatched, and open to attack.
Eclypsium scans enterprise laptops, servers, and networking equipment to provide an inventory of firmware and components, find weaknesses and vulnerabilities, and help drive corrective action.
Learn More >
In the new remote work environment, with the majority of employee devices operating outside of traditional on-premise security controls and procedures, organizations have been forced to re-examine their approach to device security.
Eclypsium ensures that corporate and personal devices used by your distributed workforce maintain an integrity and trust level consistent with your security policies.
Learn More >PROTECTION FOR ALL YOUR DEVICES
Maintain a complete view of your entire environment or focus on a specific group of devices, with insight into firmware and components so that you know your security posture at all times.
Gain visibility into weaknesses and threats during device operations, IR & forensics, and during remote use and high risk travel to detect risks associated with hardware profile changes, tampering and compromise.
Server Hardware
Protect the bedrock of your data center including the out-of-band management plane (BMC, IPMI, etc).
Network Infrastructure
Ensure your routers, switches, and firewalls are free of backdoors and implants.
Corporate Laptops
Protect your high-value users and ensure that devices are not compromised during travel.
BROADEST COVERAGE OF FIRMWARE RISKS & THREATS
Virtually every component within a modern device has its own firmware that can be compromised in an attack. Eclypsium extends visibility and protection to all the components that make up this internal attack surface including processors, network interface cards, UEFI and EFI firmware, Baseboard Management Controllers (BMCs), Intel Security Management Engine, Trusted Platform Modules, and more. This reach and level of granularity ensures visibility into areas most enterprises cannot see, exposing risk due to vulnerabilities and misconfigurations, unpatched firmware and compromise from implants and backdoors.
HOW ECLYPSIUM DETECTS THREATS
Validates firmware against the industry’s largest library of known hashes
Monitors firmware for unexpected changes and known threats
Checks against knowledge-base of expected hardware and firmware baselines
HOW IT WORKS
Eclypsium easily plugs into your environment for fast, automated visibility and defense. Your firmware information is analyzed by the Eclypsium platform, which can be deployed in the cloud or on premise. The analytics server is constantly updated based on industry-leading threat and vulnerability research. A rich web-based user interface provides easy access to information from any location, and integration with other security and orchestration tools is available. The solution can be deployed as a targeted dissolvable scan to uncover integrity issues upon delivery of hardware or run as a periodic scan to identity threats in real time.
