.png)
.png)
Nowadays, it’s difficult to find any hardware vendor who develops all the components present in its products. The big piece of it outsourced to OEM’s includes firmware too. That creates additional complexity and limits to hardware vendors to have full control of their hardware products. That creates not only additional supply chain security risks but also produces security gaps in the threat modeling process by design. In most cases hardware vendors separate threat model and security boundaries for each hardware component present on the platform but in reality, it misses a lot of details which is directly reflected on platform security. In this talk, we will look over the prism hardware and firmware forensics with threat intelligence sauce.
