Eclypsium, the supply chain security company protecting critical hardware, firmware, and software, announced its collaboration with Lenovo to support ThinkShield, the global technology company’s portfolio of cybersecurity solutions. The new offering, ThinkShield Firmware Defense, provides customers with scalable zero trust for every device, continuous monitoring, vulnerability and risk management, and digital supply chain assurance.
Powered by Eclypsium, ThinkShield Firmware Defense is a single platform that aims to address key aspects of firmware and device-level supply chain risks. Unlike vulnerability management and endpoint detection and response (EDR) tools that focus primarily on the user application software layer “above the OS” installed on the device, this solution provides comprehensive vulnerability and patch management, integrity monitoring, and threat detection capabilities for the device itself with the firmware and software “below the OS.”
“Attacks on IT infrastructure have risen sharply over the past several years and are now one of the leading categories of exploited vulnerabilities, with nearly half of all ransomware infections exploiting vulnerabilities in common software and devices,” said Eclypsium CEO and founder, Yuriy Bulygin. “ThinkShield Firmware Defense powered by Eclypsium evaluates critical endpoint devices and identifies those with weaknesses with the potential to be exploited in the wild. The solution includes the ability to update vulnerable device firmware so that even as new threats emerge, the attack surface remains protected. Essentially, ThinkShield Firmware Defense identifies, verifies, and fortifies all endpoint devices in an organization, significantly reducing the risk of attack, minimizing downtime, and helping to better secure an organization’s device supply chain.”
Also Read: Candock Embarks on Digital Commerce Growth with Tecsys’ Cloud WMS Platform
The global digital supply chain is increasingly complex, consisting of multiple underlying suppliers, sub-suppliers, and intermediaries, and each is a potential point of compromise. Nearly 88% of organizations have been the victim of a firmware-level cyber attack in the past two years, and 25% of known exploited vulnerabilities cataloged by the U.S. Cybersecurity & Infrastructure Security Agency are in pre-installed software & firmware.
ThinkShield Firmware Defense powered by Eclypsium helps secure and protect the third-party infrastructure code on which an organization depends. It helps address risk to organizations by extending threat detection to the firmware layer, enabling enterprises to identify firmware vulnerabilities in their devices, including servers, laptops, and workstations. The solution provides continuous monitoring and reporting of firmware threats, as well as proactive tools to protect against potential attacks, without requiring manual effort or specialized security skills from IT teams.
“It is very difficult for enterprises to defend against or manage what they cannot see. Firmware data resides in multiple systems and formats, making the capture and synchronization of meaningful component information difficult and costly. The rise of the remote workforce has compounded the problem, with asset accountability similarly expensive and hard to manage,” said Nima Baiati, Lenovo’s Executive Director and General Manager, Commercial Cybersecurity Solutions. “ThinkShield Firmware Defense provides a detailed inventory of device traits. It can scan for out-of-date firmware, vulnerabilities, and device misconfigurations, implement device sorting by risk level and searching by specific vulnerabilities. The software can also detect changes to the device baseline, unknown binaries, and known threats, such as rootkits and anomalous behavior. We’re excited to collaborate with Eclypsium to provide these capabilities.”
SOURCE: BusinessWire