Eclypsium announced a collaboration with Intel to help organizations manage the entire firmware attack surface. Together with Intel, Eclypsium helps enterprise IT and cloud service providers construct a more secure foundation for computing by pairing security capabilities built-in to Intel silicon with advanced defenses against firmware threats.
Intel Security Essentials provide a built-in foundation for improved security features and are available across Intel processor lines. They enable security professionals to help protect the platform and the data and to build applications with security features in a consistent way.
The Eclypsium Platform, now generally available, builds upon Intel’s foundation by analyzing the system configuration and ensuring the latest firmware is deployed. With Eclypsium, the end user can see the status of their firmware patch levels, gain visibility into firmware misconfigurations, and validate the integrity of Intel systems as part of the supply chain.
“With security features built into the hardware, Intel delivers a ‘chain of trust’ rooted in silicon that makes the device and extended network more trustworthy and secure,” said Yuriy Bulygin, CEO of Eclypsium. “We are pleased to be working with them to extend that chain of trust for the firmware layer, and therefore across the supply chain, while enabling leading hardware OEMs to deliver the right patches and more secure hardware configurations to the market.”
“Security sensitive organizations need to be able to inspect these low-level technologies to look for signs of malicious activity,” said Window Snyder, Chief Software Security Officer and General Manager, Platform Security Division at Intel.
Intel and Eclypsium at RSA Conference
Eclypsium VP of Engineering John Loucaides will be presenting at the Intel booth (Booth # 6173 North) during RSA Conference in San Francisco. Details are as follows:
- Dates: Tuesday, March 5th at 3pm PT and Thursday, March 7th at 12:30pm PT
- Topic: Extending Cybersecurity to the Firmware Layer – This session will cover how attackers are targeting the firmware layer for both persistence and disruption. It will show the most common attack vectors that attackers use today and how to detect them as part of a complete security operations strategy.
In addition, Intel and Eclypsium will be demonstrating the following use cases throughout the show at Intel’s booth.
- Firmware visibility and patch management – Visibility of firmware versions across hardware components and centralized patch updates.
- Protection from supply chain attacks – Find firmware that has been compromised in the hardware supply chain even before deployment.
- Protecting cloud infrastructure – Help protect cloud and bare-metal infrastructure from implants at the firmware level or software-level attacks that can spread to the firmware.
- Protecting laptops during travel – Help ensure that laptops haven’t been compromised during travel such as via USB-based “Evil Maid” attacks.
- Verifying device integrity after infection – Bring firmware security into your IR workflow to help ensure devices are clean at the firmware level before re-imaging.
from Help Net Security https://ift.tt/2BWGfU2
0 comments:
Post a Comment