Eclypsium protects DoD and federal agencies and contractors from the foundation of your computing infrastructure upward, controlling the risks and stopping threats to the firmware and hardware inside every laptop, server and networking device. Attackers know that traditional security tools lack visibility into firmware and are increasingly using implants and backdoors to bypass security controls, persist invisibly and disrupt government IT infrastructure. Eclypsium closes this gap by finding and mitigating the weaknesses and threats in firmware that traditional security misses.
FISMA standards identify firmware as a critical part of a security program, but many federal organizations lack the tools and experience to assess and measure compliance. Eclypsium equips you with the tools you need to assess your firmware security vulnerabilities and risks, take action and demonstrate your compliance with FISMA requirements down to the firmware and hardware level. Carahsoft and Eclypsium have teamed together to provide a new level of security to protect government IT infrastructure from firmware and hardware attacks.
The Eclypsium Platform provides the most complete solution for protecting government IT infrastructure from firmware threats. Our software platform provides full command and control visibility into the firmware running on all the key components of your laptops, servers and network devices, wherever they are deployed. At a glance, you’ll see if there are implants or backdoors in your firmware, identify vulnerabilities and threats, and be able to assess which devices are out of date and in need of patching. You’ll get expert guidance on the severity of vulnerabilities, and links to the latest firmware updates, so that you can mitigate threats and protect your assets. And you’ll gain the tools you need to demonstrate compliance with NIST and FISMA controls at the firmware and hardware level.
Eclypsium Product Features:
The Eclypsium Platform uses static and behavioral analysis, as well as comparing firmware against our database of millions of firmware hashes across dozens of enterprise hardware vendors to identify changes to baselines, find outdated firmware and expose tampering.
Schedule regular scans or perform ad-hoc scans of devices for firmware vulnerabilities, outdated versions, hardware misconfigurations, and missing protections. Based on scan results take actions such as applying updates or quarantining devices.
Detect and alert on threats such as hardware implants, backdoors and rootkits. Leverage IOCs, static, behavioral, and heuristic analysis to find known or unknown threats or changes to firmware integrity.
Maintain a complete view of your entire environment or focus on a specific group of devices, with insight into firmware and components so that you know your security posture at all times.
Detailed analysis & reporting of any firmware image enables digital forensics to gather evidence to investigate the context of any attack as well as identifying and limiting the exposure of a breach, as part of a complete incident response playbook.
Eclypsium accelerates patching and update efforts, enabling staff to address weaknesses and save time. When threats are encountered, the platform can prevent damage, and robust APIs enable automated orchestration efforts such as quarantine of affected devices.
August 18, 2020 at 1:00 PM ET