Product


Eclypsium is the only scalable enterprise device security platform that protects you from threats to devices down to the firmware and hardware level.

Enterprise Device Protection Platform

Eclypsium is the only scalable enterprise device security platform that protects you from threats to devices down to the firmware and hardware level.

THE ECLYPSIUM PLATFORM

Eclypsium provides a new layer of security to defend the unprotected firmware and hardware layer of the enterprise - including laptops, servers, and networking infrastructure. Modern attackers know that traditional security tools lack visibility into firmware both at the system level and within hardware components, and are increasingly using firmware implants and backdoors to bypass security controls, persist and disrupt an organization's infrastructure. Eclypsium closes this gap by finding and mitigating the weaknesses and threats in firmware that traditional security misses.

DEVICE SECURITY BENEFITS

Go below the surface to defend against firmware threats and vulnerabilities that traditional security can’t see.

REDUCE HIDDEN DEVICE RISKS

99% of enterprise devices have known firmware vulnerabilities or security misconfigurations and over 80% have outdated firmware. Eclypsium helps you easily find weaknesses in your system and dozens of underlying hardware components.

FIND THREATS YOU’VE BEEN MISSING

Threats such as implants at the firmware layer let attackers subvert traditional security and persist within your environment. The Eclypsium platform enables you to find known and unknown firmware threats immediately and mitigate damage before it’s too late.

PROACTIVELY VERIFY YOUR SUPPLY CHAIN

Your hardware is comprised of numerous underlying components from many different suppliers, and passes through many hands before delivery. With Eclypsium you can proactively test new hardware to find hidden weaknesses and ensure your systems haven’t been tampered with.

BREAK THE CYCLE OF RE-INFECTION

Threats hide within firmware to persist and re-infect the device even after the system is completely re-imaged. Eclypsium breaks this cycle by finding hidden implants and ensuring all firmware is clean before returning a device to active use.

SAVE TIME AND EFFORT

Eclypsium automates and unifies device security across a variety of types of devices, vendors, and disciplines including risk management, threat detection and incident response.

YOUR BUILT-IN FIRMWARE EXPERT

Security skills are in high demand, and firmware security skills are some of the rarest of all. Eclypsium automates some of the most challenging work in security today, and industry-leading research protects you from the latest vulnerabilities and threats.


THE INDUSTRY’S LARGEST GLOBAL FIRMWARE REPUTATION DATABASE

Unlike traditional software, firmware should remain predictable and in “known good” states. The Eclypsium Cloud Platform checks firmware against millions of firmware hashes across dozens of enterprise hardware vendors to identify changes to baselines, find outdated firmware and expose tampering.

DEVICE RISK & VULNERABILITY SCANNING

Schedule regular scans or perform ad-hoc scans of devices for firmware vulnerabilities, outdated versions, hardware misconfigurations, and missing protections. Based on scan results take actions such as applying updates or quarantining devices.

DEVICE THREAT DETECTION

Detect and alert on threats such as hardware implants, backdoors and rootkits. Leverage IOCs, static, behavioral, and heuristic analysis to find known or unknown threats or changes to firmware integrity.

COMPREHENSIVE DEVICE MONITORING

Maintain a complete view of your entire environment or focus on a specific group of devices, with insight into firmware and components so that you know your security posture at all times.

Gain visibility into weaknesses and threats during device operations, IR & forensics, and during remote use and high risk travel to detect risks associated with hardware profile changes, tampering and compromise.

INCIDENT RESPONSE & FORENSICS

Detailed analysis & reporting of any firmware image enables digital forensics to gather evidence to investigate the context of any attack as well as identifying and limiting the exposure of a breach, as part of a complete incident response playbook.

FIRMWARE PATCH MANAGEMENT

Eclypsium accelerates patching and update efforts, enabling staff to address weaknesses and save time. When threats are encountered, the platform can prevent damage, and robust APIs enable automated orchestration efforts such as quarantine of affected devices.

Your hardware is vulnerable to physical attacks at any step in the supply chain, and can be compromised even before it is unboxed.

Eclypsium scans your new devices to ensure the firmware matches known good versions of vendor firmware, that device integrity has not been compromised, and that the device is free from threats.

Learn More >

Devices can be compromised at any time due to misconfigurations, malware, and even malicious updates.

Eclypsium monitors your deployed devices whether in your network or during travel to identify new weaknesses, vulnerabilities, and threats.

Learn More >

Regular vulnerability scanning and patching is a bedrock principle of good security practice. However, too often this process stops at the application and OS level, leaving vulnerabilities in firmware and hardware unseen, unpatched, and open to attack.

Eclypsium scans enterprise laptops, servers, and networking equipment to provide an inventory of firmware and components, find weaknesses and vulnerabilities, and help drive corrective action.

Learn More >

In the new remote work environment, with the majority of employee devices operating outside of traditional on-premise security controls and procedures, organizations have been forced to re-examine their approach to device security.

Eclypsium ensures that corporate and personal devices used by your distributed workforce maintain an integrity and trust level consistent with your security policies.

Learn More >

Maintain a complete view of your entire environment or focus on a specific group of devices, with insight into firmware and components so that you know your security posture at all times.

Gain visibility into weaknesses and threats during device operations, IR & forensics, and during remote use and high risk travel to detect risks associated with hardware profile changes, tampering and compromise.

Server Hardware
Protect the bedrock of your data center including the out-of-band management plane (BMC, IPMI, etc).

Network Infrastructure
Ensure your routers, switches, and firewalls are free of backdoors and implants.

Corporate Laptops
Protect your high-value users and ensure that devices are not compromised during travel.

BROADEST COVERAGE OF FIRMWARE RISKS & THREATS

Virtually every component within a modern device has its own firmware that can be compromised in an attack. Eclypsium extends visibility and protection to all the components that make up this internal attack surface including processors, network interface cards, UEFI and EFI firmware, Baseboard Management Controllers (BMCs), Intel Security Management Engine, Trusted Platform Modules, and more. This reach and level of granularity ensures visibility into areas most enterprises cannot see, exposing risk due to vulnerabilities and misconfigurations, unpatched firmware and compromise from implants and backdoors.


Validates firmware against the industry’s largest library of known hashes

Monitors firmware for unexpected changes and known threats

Checks against knowledge-base of expected hardware and firmware baselines

Eclypsium easily plugs into your environment for fast, automated visibility and defense. Your firmware information is analyzed by the Eclypsium platform, which can be deployed in the cloud or on premise. The analytics server is constantly updated based on industry-leading threat and vulnerability research. A rich web-based user interface provides easy access to information from any location, and integration with other security and orchestration tools is available. The solution can be deployed as a targeted dissolvable scan to uncover integrity issues upon delivery of hardware or run as a periodic scan to identity threats in real time.