Portland, OR – August 3, 2023 – Eclypsium®, the supply chain security company protecting critical hardware, firmware, and software, today announced its collaboration with Lenovo to support ThinkShield, the global technology company’s portfolio of cybersecurity solutions. The new offering, ThinkShield Firmware Defense, provides customers with scalable zero trust for every device, continuous monitoring, vulnerability and risk management, and digital supply chain assurance.
Powered by Eclypsium, ThinkShield Firmware Defense is a single platform that aims to address key aspects of firmware and device-level supply chain risks. Unlike vulnerability management and endpoint detection and response (EDR) tools that focus primarily on the user application software layer “above the OS” installed on the device, this solution provides comprehensive vulnerability and patch management, integrity monitoring, and threat detection capabilities for the device itself with the firmware and software “below the OS.”
“Attacks on IT infrastructure have risen sharply over the past several years and are now one of the leading categories of exploited vulnerabilities, with nearly half of all ransomware infections exploiting vulnerabilities in common software and devices,” said Eclypsium CEO and founder, Yuriy Bulygin. “ThinkShield Firmware Defense powered by Eclypsium evaluates critical endpoint devices and identifies those with weaknesses with the potential to be exploited in the wild. The solution includes the ability to update vulnerable device firmware so that even as new threats emerge, the attack surface remains protected. Essentially, ThinkShield Firmware Defense identifies, verifies, and fortifies all endpoint devices in an organization, significantly reducing the risk of attack, minimizing downtime, and helping to better secure an organization’s device supply chain.”
The global digital supply chain is increasingly complex, consisting of multiple underlying suppliers, sub-suppliers, and intermediaries, and each is a potential point of compromise. Nearly 88% of organizations have been the victim of a firmware-level cyber attack in the past two years, and 25% of known exploited vulnerabilities cataloged by the U.S. Cybersecurity & Infrastructure Security Agency are in pre-installed software & firmware.
ThinkShield Firmware Defense powered by Eclypsium helps secure and protect the third-party infrastructure code on which an organization depends. It helps address risk to organizations by extending threat detection to the firmware layer, enabling enterprises to identify firmware vulnerabilities in their devices, including servers, laptops, and workstations. The solution provides continuous monitoring and reporting of firmware threats, as well as proactive tools to protect against potential attacks, without requiring manual effort or specialized security skills from IT teams.
“It is very difficult for enterprises to defend against or manage what they cannot see. Firmware data resides in multiple systems and formats, making the capture and synchronization of meaningful component information difficult and costly. The rise of the remote workforce has compounded the problem, with asset accountability similarly expensive and hard to manage,” said Nima Baiati, Lenovo’s Executive Director and General Manager, Commercial Cybersecurity Solutions. “ThinkShield Firmware Defense provides a detailed inventory of device traits. It can scan for out-of-date firmware, vulnerabilities, and device misconfigurations, implement device sorting by risk level and searching by specific vulnerabilities. The software can also detect changes to the device baseline, unknown binaries, and known threats, such as rootkits and anomalous behavior. We’re excited to collaborate with Eclypsium to provide these capabilities.”
ThinkShield Firmware Defense gives IT teams a custom-fitted solution to help protect and manage the entire fleet — even remotely — and the use cases are numerous. The solution provides employers the ability to directly ship new devices to remote workers, validating that their firmware is uncompromised in the supply chain. It also offers additional security by monitoring the integrity of end-user devices that are deployed remotely, sending automated alerts for any changes in device integrity and finding weaknesses in posture that could put the device at risk.
ThinkShield Firmware Defense also provides ransomware and advanced threat protection, allowing organizations to proactively detect the presence of firmware-focused ransomware and malware, integrating directly into enterprise processes and tools for risk management and security operations to automate these efforts. Cloud-based remote updates and patching of outdated or vulnerable firmware helps keep devices in a secure state. Eclypsium can deploy updates directly or integrate with existing processes and tools to make patching more efficient for large organizations.
To schedule a demo and learn how ThinkShield Firmware Defense lets you put trust in every device in your digital supply chain, visit eclypsium.com or email your Eclypsium representative at [email protected]. For more information about Lenovo cybersecurity solutions, go to Lenovo ThinkShield.
About Eclypsium
Eclypsium’s cloud-based platform provides digital supply chain security for critical software, firmware and hardware in enterprise infrastructure. Eclypsium helps enterprises and government agencies mitigate risks to their infrastructure from complex technology supply chains. For more information, visit eclypsium.com.
MEDIA CONTACT:
[email protected]
About Lenovo
Lenovo (HKSE: 992) (ADR: LNVGY) is a US$62 billion revenue global technology powerhouse, ranked #171 in the Fortune Global 500, employing 77,000 people around the world, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver smarter technology for all, Lenovo has built on its success as the world’s largest PC company by further expanding into growth areas that fuel the advancement of ‘New IT’ technologies (client, edge, cloud, network, and intelligence) including server, storage, mobile, software, solutions, and services. This transformation together with Lenovo’s world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit https://www.lenovo.com, and read about the latest news via our StoryHub.
MEDIA CONTACT:
[email protected]
LENOVO and THINKSHIELD are trademarks of Lenovo.
The post Eclypsium Collaborates with Lenovo on Digital Supply Chain Assurance appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise.