PreOS Security are offer a variety of firmware security consulting services for various markets.
- On-site training (see below)
- Firmware level incident forensics
- Firmware test tool automation, scaling and customization
- Firmware security indicdent response and planning
- Hardware purchasing and lifecycle guidance - including firmware security integration
- Design of firmware security policies and procedures
- Integration of firmware security with existing infosec policies and procedures
PreOS Security offers firmware security training during and colocated with various conferences.
We also offer on-site training at your business.
Our configurable training modules include:
- How to use live / online analysis tools like CHIPSEC, FWTS and others.
- How to use offline analysis tools like CHIPSEC, UEFITools and others.
- Defending UEFI/ACPI systems
- Auditing UEFI sources
- Use & implementation of our PreOS Security Software
- Fix vendor-centric false positives in existing LUV tests.
- Create new standalone or integrated firmware security tests.
- Long term maintenance of firmware security tests.
- CHIPSEC modules
- FWTS test modules
- MsUEFI-Test-based unit tests
- LUV customizations
- Test porting to new architectures - eg: x86-clone, ARM
- Custom Tianocore builds, vendor trees with UEFI Forum trunk and multiple staging branches
- Assistance with continuous integration (CI)
- Source-level and run-time security analysis of custom Tiancore trees
- custom UEFI applications in C or Python
- custom UEFI SmartCard drivers
- custom UEFI User Identity (UID) drivers