Overview

Eclypsium protects DoD and federal agencies and contractors from the foundation of your computing infrastructure upward, controlling the risks and stopping threats to the firmware and hardware inside every laptop, server and networking device. Attackers know that traditional security tools lack visibility into firmware and are increasingly using implants and backdoors to bypass security controls, persist invisibly and disrupt government IT infrastructure. Eclypsium closes this gap by finding and mitigating the weaknesses and threats in firmware that traditional security misses.

FISMA standards identify firmware as a critical part of a security program, but many federal organizations lack the tools and experience to assess and measure compliance. Eclypsium equips you with the tools you need to assess your firmware security vulnerabilities and risks, take action and demonstrate your compliance with FISMA requirements down to the firmware and hardware level. Carahsoft and Eclypsium have teamed together to provide a new level of security to protect government IT infrastructure from firmware and hardware attacks.

Product Features

Eclypsium - The Industry's Leading Firmware Protection Platform

The Eclypsium Platform provides the most complete solution for protecting government IT infrastructure from firmware threats. Our software platform provides full command and control visibility into the firmware running on all the key components of your laptops, servers and network devices, wherever they are deployed. At a glance, you’ll see if there are implants or backdoors in your firmware, identify vulnerabilities and threats, and be able to assess which devices are out of date and in need of patching. You’ll get expert guidance on the severity of vulnerabilities, and links to the latest firmware updates, so that you can mitigate threats and protect your assets. And you’ll gain the tools you need to demonstrate compliance with NIST and FISMA controls at the firmware and hardware level.


  • Reduce hidden firmware risk
  • Find threats you've been missing
  • Break the cycle of re-infection
  • Proactively verify your supply chain
  • Save time & effort
  • Demonstrate FISMA compliance

Eclypsium Product Features:

  • The Industry's Largest Global Firmware Reputation Database

    The Eclypsium Platform uses static and behavioral analysis, as well as comparing firmware against our database of millions of firmware hashes across dozens of enterprise hardware vendors to identify changes to baselines, find outdated firmware and expose tampering.

  • Firmware Risk & Vulnerability Scanning

    Schedule regular scans or perform ad-hoc scans of devices for firmware vulnerabilities, outdated versions, hardware misconfigurations, and missing protections. Based on scan results take actions such as applying updates or quarantining devices.

  • Firmware Threat Detection

    Detect and alert on threats such as hardware implants, backdoors and rootkits. Leverage IOCs, static, behavioral, and heuristic analysis to find known or unknown threats or changes to firmware integrity.

  • Comprehensive Firmware Monitoring

    Maintain a complete view of your entire environment or focus on a specific group of devices, with insight into firmware and components so that you know your security posture at all times.

  • Firmware Incident Response & Forensics

    Detailed analysis & reporting of any firmware image enables digital forensics to gather evidence to investigate the context of any attack as well as identifying and limiting the exposure of a breach, as part of a complete incident response playbook.

  • Firmware Patch Management

    Eclypsium accelerates patching and update efforts, enabling staff to address weaknesses and save time. When threats are encountered, the platform can prevent damage, and robust APIs enable automated orchestration efforts such as quarantine of affected devices.

Resources

SELECT Resource_ID, Title, Vendor, Vertical, Type, DateAdded, Path, Linktype, InvisibleBit, FeaturedEnd, FeaturedBit, Description, CustomLogo, LegacyLink, Form FROM Resources WHERE Vendor = ? AND InvisibleBit = 0 ORDER BY FeaturedBit DESC, Type ASC

Video


Whitepaper

As firmware-level threats continue to gain traction in the wild, security teams need to quickly get up to speed on how these threats work and how their devices can be targeted and attacked. In this paper we demystify the most common types of firmware threats today and analyze their path into an orga...

FISMA, and the NIST documents supporting it, repeatedly underscore the importance of firmware security as part of a modern security program. Yet, this area remains one of the most overlooked and poorly understood areas of risk within government agencies. This document walks through the requirements ...

Consider a new approach to protecting IT assets in high-risk countries from firmware implants and backdoors.