You ship us a single example of a current, or intended fleet machine - laptop, desktop or server, and we’ll make you a firmware security report for that system. Use this report to inform purchasing decisions, system security positioning, and improve IT procedures such as firmware updates and incident response.
Example reports available September 2018 for Lenovo Carbon X1 6th Generation, Dell XPS 13 9370 (Early 2018), and Purism Librem 15v3.
If it is an Intel x86_64 machine, we will run:
- Firmware Test Suite (FWTS)
and include an analysis of the results in the report.
We will run all publicly available firmware and hardware vulnerability tools and check version numbers, for known issues such as:
- Intel AMT
- Intel ME
- AMD PSP
We’ll include a comprehensive list of firmware on the system, and highlight potential issues such as:
- Closed source binary blobs
- Modifiable firmware
- How it can be modified (eg: desoldering and flashing chips, JTAG, I2C, etc)
- Compliance with applicable NIST standards
- Tools, updates and support availability from component manufacturer, and OEM
We will look for operational support, such as signed firmware updates via Windows update and Linux Vendor Firmware Service (aka: fwupd).
We will make recommendations if this system should not be used in sensitive areas such as:
- Executives (CEO, CTO, etc)
- Critical Infrastructure