Eclypsium, the digital supply chain security company protecting critical hardware, firmware, and software in enterprise IT infrastructure, today announced its collaboration with Intel to provide enhanced visibility into supply chains with the Eclypsium Supply Chain Security Platform. The new offering helps businesses improve mean-time-to-detection and bolster security posture, lower hardware costs by extending the life cycle of devices, achieve regulatory compliance by easily implementing security controls for device integrity and firmware security, and reduce supply chain risk by making better IT procurement decisions and quickly assessing the impact of threats.
The globalization of digital supply chains, coupled with the complexities of modern manufacturing logistics, make it increasingly difficult for businesses to trace the origin and safety of the components within their devices. With reports of firmware attacks rising rapidly in recent years — more than 500% since 2018, according to the National Institute of Standards and Technology (NIST) — supply chain risk is a growing concern for organizations globally. Without a firmware upgrade plan in place, organizations are at high risk for breach due to vulnerabilities, largely because current supply chain practices are limited to screening out counterfeit components, particularly when it comes to products containing many subsystems. Endpoint security and vulnerability management tools do not adequately capture foundational vulnerabilities, including those in firmware, BIOS, and microcode.
“Businesses need assurance that their data center suppliers can provide tamper-proof supply chains, from the manufacturing facility all the way into the hands of the end user,” stated Yuriy Bulygin, CEO and cofounder of Eclypsium. “But when the 2022 Verizon Data Breach Investigations Report says the supply chain is responsible for nearly two-thirds of system intrusion incidents, we know this isn’t happening. Organizations need the ability to validate the authenticity and integrity of components and software from their suppliers. Eclypsium’s partnership with Intel fills a void in existing supply chain security practices, tracking vulnerabilities and ensuring the integrity of critical device components and software. Our goal is to create trust in the infrastructure supply chain through transparency.”
Digital supply chains are a complex web of products that rely on a myriad of components sourced from a network of ever-changing suppliers, who in turn rely on their own networks of sub-suppliers. This creates an inherent level of invisible risk for every device-user along the chain, with a single weak link able to compromise the entire system. Eclypsium fortifies businesses against supply chain threats, from the foundational hardware and firmware to cloud infrastructure, enabling them to quickly implement crucial security controls, asset inventory, vulnerability management, and threat detection across their entire digital supply chain.
“Intel® Endpoint Cloud Services offers a set of innovative and advanced insights for vulnerability management and supply chain risk. Insights from Intel® Transparent Supply Chain and Intel® Device Health enable organizations to proactively protect against emerging vulnerability and supply chain threats,” said Anand Pashupathy, vice president and general manager of Intel’s Security Software and Services Division. “Our work with Eclypsium delivers these insights within an enterprise-class solution, enabling decision makers to act with the most detailed and up-to-date information possible.”
Intel® Endpoint Cloud Services include Intel® Transparent Supply Chain, a set of tools, policies, procedures, and data capture that extend from motherboard production, through the manufacturing factory floor, to the data center, enabling users to verify the authenticity of components, installed firmware, and the configuration of their systems. The services also include Intel® Device Health, which automates the identification and targeted patching of foundational vulnerabilities found in BIOS and UEFI, CPU microcode, Intel® Management Engine, and other types of firmware.
Eclypsium’s cloud-based and on-premises platform provides digital supply chain security for critical software, firmware and hardware in enterprise infrastructure. Eclypsium helps enterprises and government agencies mitigate risks to their infrastructure from complex technology supply chains.
Intel (Nasdaq: INTC) is an industry leader, creating world-changing technology that enables global progress and enriches lives. Inspired by Moore’s Law, we continuously work to advance the design and manufacturing of semiconductors to help address our customers’ greatest challenges. By embedding intelligence in the cloud, network, edge and every kind of computing device, we unleash the potential of data to transform business and society for the better.
Are you working on an interesting project in anti-counterfeit, authentication, brand protection, traceability, cybersecurity or supply chain security? SecuringIndustry.com is modifying our editorial policy and will soon accept submitted articles – as long as they are relevant, timely and non-promotional – across all the industrial categories we cover. We are also expanding coverage in other areas where traceability can play a role, including the circular economy, sustainability/ESG, and corporate responsibility. If that is of interest drop us a line at firstname.lastname@example.org.