Resources


Firmware is the unguarded attack surface of the enterprise. Learn how to defend your critical infrastructure with white papers, videos and other resources from Eclypsium®.

Firmware is the unguarded attack surface of the enterprise. Learn how to defend your critical infrastructure with white papers, videos and other resources from Eclypsium®.

Network devices are often an organization’s most overlooked area of attack surface, and their embedded firmware the most attack-prone point in that surface. This solution brief outlines the critical firmware issues with networked and connected devices, and discusses how Eclypsium users can identify, verify and fortify the firmware in their vulnerable network devices.

Compliance standards have and will continue to include firmware and hardware security is becoming more relevant. NIST 800-53 Rev. 5, PCI DSS, FedRAMP, NIST 800-171, and Cybersecurity Maturity Model Certification mention firmware and hardware compliance. With new enterprise tools available, auditors can ask how a company is achieving compliance at the firmware and hardware layer.

As remote work becomes the default, attackers are setting their sights on end user devices and the ways that users connect back to the enterprise. Learn how Eclypsium ensures the integrity and health of the devices that remotely access corporate resources over VPN and other secure remote access mechanisms.

The National Institute of Standards and Technology (NIST) cybersecurity framework helps organizations to better understand and improve their management of cybersecurity risk. In this brief we outline the NIST requirements that pertain to firmware security and provide guidance for organizations seeking to achieve compliance with these standards.

The Federal Information Security Management Act (FISMA) defines the information security requirements for all federal agencies and spans the fundamental pillars of information security (confidentiality, integrity, and availability). This 2-page overview explains how FISMA relates to firmware security.

Eclypsium introduces a new type of enterprise security that defends the underlying hardware and firmware layer of the enterprise.

Endpoints are increasingly dependent on the security and integrity of their underlying firmware to remain protected and secure themselves. Learn how Eclypsium for Endpoints identifies, verifies and fortifies endpoint firmware.

Your servers are the backbone of your business and your mission. Their firmware is the key to their security. Eclypsium for Servers ensures your server firmware retains integrity and remains free of vulnerbailities.

Network devices are the nervous system of your enterprise, keeping your networks, services and applications running. Eclypsium for Network Devices makes sure their embedded firmware remains secure and protected.

What does the Executive Order on Cybersecurity mean for security teams tasked with protecting endpoints, servers and network devices? We look at the new Zero Trust requirements, their implications for device integrity and what it takes to identify, verify and fortify enterprise devices.

In 2020, APT and ransomware threat actors targeted enterprise VPNs en masse, the widespread BootHole vulnerability put virtually all Windows and Linux devices at risk for bootkits, and some of the most popular malware and ransomware added firmware-specific capabilities. This whitepaper provides five questions to ask to assess your organization’s firmware security risk, with recommendations for evaluating and improving your firmware security posture.

As firmware-level threats continue to gain popularity in the wild, security teams need to understand how these threats work and the real-world risks they pose to an organization’s security. Updated for 2021, this paper demystifies the most common types of firmware attacks used in the wild today.

How much trust can you put in your devices? Security concepts like Zero Trust can provide an important framework for securing the remote work environment. Learn more in this Eclypsium white paper.

Build device security into your overall cybersecurity plan with simple steps that help you progress from basic cyber hygiene to preventing advanced persistent threats using the Cybersecurity Maturity Model Certification (CMMC) framework as a guideline.

Explore the techniques of successful firmware attacks as they apply to stages of a kill chain in this new Eclypsium report designed to help you assess and defend enterprise devices from firmware and hardware threats.

In today’s distributed work environment, how do you protect your remote workforce from cybersecurity threats, secure your data centers and ensure the integrity of your supply chain? Eclypsium can help. Learn how in this 3-minute video.

In today’s distributed work environment, how do you protect your remote workforce from cybersecurity threats, secure your data centers and ensure the integrity of your supply chain? Eclypsium can help. Learn how in this 3-minute video.

A newly discovered TrickBot malware module called TrickBoot is targeting UEFI firmware. Learn why this threat is so dangerous, what systems are affected, and how you can protect your enterprise in this video discussion with Security Weekly’s Paul Asadoorian and Eclypsium’s John Loucaides.

Take a look at how Eclypsium delivers the industry’s first enterprise-grade software platform that can detect, defend and mitigate firmware weaknesses and threats.

Security Weekly’s Paul Asadoorian talks to Eclypsium CEO Yuriy Bulygin about why firmware is the biggest gap in security today, and what to do about it. Hard drives, network cards, BIOS and other components all have their own software stacks, forming a hidden attack surface beneath the operating system layer. Update mechanisms have made firmware accessible remotely, and now attacks in the wild are tacking advantage. Nerd out with Paul and Yuriy as they explore the topic of firmware security in this 15-minute video.

A disciplined process of firmware updates is an essential element of good cybersecurity hygiene but can be challenging for many enterprises. This report provides IT and security leaders with insights into firmware update management and guidance on best practices.

Part two of Eclypsium’s series on best practices for firmware updates focuses on the tools and techniques used by the enterprise IT teams tasked with implementing update processes.

"Firmware vulnerability gives attackers entry into systems that is invisible and persistent with total control of the server, storage or network device. I&O leaders must deliver an infrastructure, whether on-site, outsourced or in the public cloud, that is protected from firmware-based attacks." Learn how in this report from Gartner Research.

Firmware- and hardware-level attacks can compromise laptops in minutes and persist undetected after reimaging. To close the firmware security gap in traveler laptop programs consider a new approach that protects IT assets in high-risk countries from firmware implants and backdoors.

As malware in the wild increasingly targets firmware for persistence, it is critical that IR and threat hunting efforts extend to the firmware as well.

The rise of bare-metal cloud service offerings brings new security challenges for customers and providers. While physical servers are dedicated to one customer at a time, they don’t stay that way forever. Vulnerabilities in a device’s firmware and weaknesses in the reclamation process open the door for firmware implants and rootkits to be passed from one customer to the next. We explore the security implications, present original research, and provide guidance on best practices.

FISMA, and the NIST documents supporting it, repeatedly underscore the importance of firmware security as part of a modern security program. Yet, this area remains one of the most overlooked and poorly understood areas of risk within government agencies. This document walks through the requirements and guidance that the law establishes in regard to firmware, and provides practical guidance and recommendations that organizations can use to not only comply with FISMA, but also to build a stronger security program.

Eclypsium is the industry’s leading enterprise firmware protection platform—providing a new layer of security to protect laptops, servers and network devices from firmware attacks. Learn how Eclypsium defends enterprises and government agencies from vulnerabilities and threats hidden within firmware that are invisible to most organizations today.

Learn how Eclypsium helps organizations manage and secure corporate and personal laptops, bare metal and cloud servers, network and storage appliances, routers and other devices with the the only scalable enterprise device security platform that protects you from threats to devices down to the firmware and hardware level.

Learn about how Eclypsium is delivering a new layer of security to defend the unguarded firmware and hardware infrastructure of the modern enterprise.

Insights, perspectives and commentary on cyber risks, security safeguards and technology innovations from TAG Cyber.

A visual introduction to the firmware attack surface of enterprise devices, this resource describes the dozens of components in modern laptops and servers that are vulnerable to firmware and hardware attacks and documents real-world threats for each category of component.