
Eclypsium: Supply Chain Security for IT Infrastructure

Eclypsium helps organizations monitor and secure the foundational layers of their IT assets. It is designed for teams needing to meet regulatory compliance standards for firmware integrity.

At a glance

Best for: Enterprise companies, Government agencies, Financial services organizations, Telecommunications providers, Energy and utility companies

Pricing: Pricing was not clearly available from the provided evidence. Buyers should confirm current pricing on the vendor website.

Key use cases: Supply Chain Risk Management, Regulatory Compliance, Low-Level Threat Hunting, AI Infrastructure Protection

Integrations: SIEM integration, ITSM integration, REST API

Eclypsium is a security platform designed to provide visibility into the hardware and firmware layers of an organization's IT infrastructure. It monitors components that reside below the operating system, where traditional endpoint detection and response (EDR) tools may not have visibility.

The platform is designed for enterprises, particularly those in regulated sectors such as financial services, government, telecommunications, and energy. It helps these organizations maintain a detailed inventory of their digital supply chain and monitor for unauthorized changes or vulnerabilities in low-level code.

Key capabilities include identifying rootkits and bootkits, supporting automated firmware patching, and verifying the authenticity of hardware. It is designed to support compliance with several frameworks, including NIST SP 800-53 and NERC CIP.

Buyers should confirm if this tool fits their environment, as it is positioned for enterprise-level needs with specific technical requirements.

Key Features

  • Hardware and Firmware Scanning

    Scans low-level code and hardware components to identify vulnerabilities and monitor integrity.

  • Component Inventory

    Provides Software Bills of Materials (SBOMs), Firmware BOMs, and Hardware BOMs for asset records.

  • Threat Detection

    Designed to detect implants, rootkits, and bootkits that may evade traditional EDR agents.

  • Automated Patching

    Supports the remediation of hardware and firmware vulnerabilities through automated updates.

  • AI Data Center Security

    Protects AI hardware and infrastructure by validating GPU integrity and monitoring compute environments.

  • Compliance Support

    Designed to help meet requirements for NIST, FFIEC, CJIS, and NERC CIP standards.

Use Cases

  • Supply Chain Risk Management

    Verifying that new hardware is authentic and free from tampering before deployment into production.

  • Regulatory Compliance

    Providing evidence of firmware integrity and baseline monitoring for government or financial audits.

  • Low-Level Threat Hunting

    Searching for indicators of compromise in the BIOS or firmware that may persist after an operating system re-install.

  • AI Infrastructure Protection

    Securing the foundational hardware and firmware used in AI data centers.

Best For

  • Enterprise companies
  • Government agencies
  • Financial services organizations
  • Telecommunications providers
  • Energy and utility companies

Integrations

  • SIEM integration
  • ITSM integration
  • REST API

Pricing

Pricing was not clearly available from the provided evidence. Buyers should confirm current pricing on the vendor website.

FAQ

What does Eclypsium do?

Eclypsium scans the hardware, firmware, and software components of IT infrastructure to create an inventory and detect vulnerabilities or threats that reside below the operating system.

Who is this software intended for?

It is designed for enterprise-level companies, particularly those in government, defense, financial services, and critical infrastructure.

Which compliance standards does Eclypsium support?

The platform is designed to help organizations meet standards such as NIST SP 800-53, NERC CIP, FFIEC, CJIS, and CMS ARS.

Source category: Security

Source subcategory: Vulnerability Management

How AI is used

Eclypsium is an enterprise supply chain security platform that monitors hardware and firmware for vulnerabilities and threats. It is designed for large organizations in regulated industries to support compliance and detect low-level threats like rootkits. Buyers should note that it is targeted at the enterprise level.

Pros & Cons

Pros

  • Provides visibility into the firmware layer where EDR tools often cannot reach
  • Provides detailed BOMs for hardware, firmware, and software
  • Supports a wide range of regulatory compliance frameworks
  • Supports automated patching for firmware vulnerabilities

Cons

  • Designed for enterprises, so it may be too complex for smaller businesses
  • Requires technical expertise to manage and interpret findings
  • Pricing is not publicly available