In this Black Hills Information Security (BHIS) webcast, Paul will share free and open-source tools and techniques to evaluate the state of security on the firmware-based devices that live inside your devices, and servers., including:
* Utilities such as dmidecode, fwupd, dbxtool, and Chipsec to explore devices and firmware
* Enumerating and updating firmware within your system using LVFS (Linux Vendor Firmware Service)
* Enabling Secure Boot and its components (and keeping your DBX up-to-date using new functionality in LVFS!)
* Discovering Intel ME/AMT and associated vulnerabilities
* Using Chipsec to understand the permissions applied (or not applied) on your SPI flash chip
Paul Asadoorian (Podcast Personality at Security Weekly) works for Eclypsium as the Firmware Security Evangelist.
Join the Infosec Knowledge Sharing Discord server: https://discord.gg/fr5wqbF