Defending, Detecting, and Responding to Hardware and Firmware Attacks - Teddy Reed - USENIX Enigma Conference - 2016

Explore the critical landscape of hardware and firmware security in this 26-minute conference talk from USENIX Enigma 2016. Delve into the challenges of defending against, detecting, and responding to firmware attacks, with a focus on enterprise defense strategies. Learn about the vulnerabilities in BIOS/UEFI systems, the fragmentation problem in firmware security, and the cultural obstacles to implementing secure boot. Discover practical approaches to enhancing visibility through baselining kernel drivers, boot loaders, and other platform components. Gain insights into creating production-deployable recipes for deep systems defense, and understand where defenders remain vulnerable to compromise. Examine tools and actions for immediate implementation, and explore recommendations for industry-wide improvements in hardware and firmware security.

Introduction
Firmware Security
Attack Surface
Foundation Code
Firmware Updates
Kernel Extensions
Threat Predictions
File Integrity Monitoring
PCI Device Monitoring
USB Devices
EFI
OS Query
Event Stream
Firmware
Firmware Parsing
Remote attestation