Wednesday Feb 21, 2024
Below-the-OS Security with Yuriy Bulygin
Fun fact: There are more vulnerabilities and exploits below the OS layer than above it!
CPUs, BIOS, Firmware, embedded Linux, FPGAs, UEFI, PXE... The list goes on an on. What are we supposed to do about that?
Allan asked Yuriy to come down to the 'Ranch to discuss this issue with him. Yuriy is CEO at Eclypsium, member of the Forbes Technology Counsel, Founder of the open source CHIPSEC project, former head of Threat Research at McAfee, form Senior Principle Engineer at Intel… He is uniquely qualified to discuss these issues.
Full DISCLAIMER: Allan is CISO at Eclypsium. Note that he asked Yuriy to come on the show, not the other way around. Nobody knows this space like Yuriy and his team.
Allan asks Yuriy about:
- The history of CPU exploits
- Unauthorized code in chips in network gear
- The various hacks available at this layer
- The role of SBOM in all this
- The open source CHIPSEC project
It's an eye-opening show to say the least.
Y'all be good now!