Ariella Robison

Eclypsium | Supply Chain Security for the Modern Enterprise

The post The Top Firmware and Hardware Attack Vectors appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise ... Read More

The U.S. Department of Defense’s new document, Zero Trust Overlays, provides the most up-to-date guidance for applying zero trust concepts in DoD organizations. The document builds upon prior publications such as the DoD’s Zero Trust Reference Architecture and Zero Trust Roadmap as well as NIST’s Risk Management Framework and SP ... Read More

Portland, OR – February 27, 2024 – Eclypsium, the leader in digital supply chain security for enterprise hardware, firmware and software infrastructure, and Second Front Systems (2F), whose mission is to accelerate delivery of emerging technology to U.S. and Allied warfighters, today announced their strategic partnership. Together, they will provide ... Read More

Portland, OR – February 15, 2024 – Eclypsium, the leader in digital supply chain security for enterprise hardware, firmware and software infrastructure, today announced record growth for its fiscal year ended January 31, 2024. Revenue growth was driven by its Supply Chain Security Platform for enterprise customers and new key ... Read More

Unveiling CVE-2023-40547 – Safeguarding Systems from Critical Shim Vulnerability A vulnerability tracked as CVE-2023-40547 impacts shim, a critical piece of software used by most Linux distributions to support UEFI Secure Boot. Discovered and reported by Bill Demirkapi at Microsoft’s Security Response Center, this particular vulnerability stems from HTTP protocol handling, ... Read More

Portland, OR – Oct. 27, 2023 – Eclypsium®, the digital supply chain security company protecting critical hardware, firmware, and software in enterprise IT infrastructure, today announced that Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine, has awarded the company with the 2023 Top InfoSec Innovator Award for ... Read More

Firmware security is a key element of multiple important NIST documents, including SP 800-37 (the Risk Management Framework), SP 800-53 (Security and Privacy Controls), SP 800-147 (BIOS Protection Guidelines), 800-155 (BIOS Integrity Measurement) and 800-193 (Platform Resiliency Guidelines). At a high level, SP 800-37 establishes a lifecycle approach that guides ... Read More

Learn how firmware security fits into this widely used framework that tracks and maps adversary actions. Find out which tactics and techniques are leveraging firmware vulnerabilities and known exploits. The post Firmware and Frameworks: MITRE ATT&CK  appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise ... Read More

According to John Loucaides,  senior vice president of strategy, the leak of BootGuard keys, even OEM keys, is a “big deal” due to the access BootGuard has. “The underlying threat is that attackers will create malicious firmware that appears valid and works on various systems. This is a real threat, ... Read More

A complete enterprise solution, from core to cloud. The Eclypsium supply chain security platform protects hardware, firmware, and software components. With Eclypsium, your teams can quickly and simply implement critical security controls to protect against below-the-surface threats: asset inventory, vulnerability management, and threat detection. Read More > The post Eclypsium ... Read More