Dell and Cylance join the fight against bootkits. Dell has announced a partnership with Cylance, which will add a new security layer for its line of motherboards, a BIOS integrity verification mechanism aimed at detecting corrupted boot images.
Dell is just the latest company that has realized the threat that comes from bootkit malware, one of the hardest security threats to remove, even for trained professionals.
While bootkits have been around for years, only last summer, when the Hacking Team data breach happened, and security researchers got a chance to take a look at the spyware vendor’s hacking arsenal, did they realize how dangerous this malware category really is.
Now, after VirusTotal announced a firmware scanning feature only last week, Dell is announcing its own security tool aimed at countering this threat as well.
Dell will use AI technology to scan for malicious boot images
Named the Dell Data Protection | Endpoint Security Suite Enterprise, this is a simple a boot scanning mechanism to protect users against bootkit malware.
Dell’s new tool will work post-boot and will take the already loaded post-boot image and send it to a secure cloud server where it will be compared to a list of BIOS images issued by Dell’s laboratories.
What’s unique to this tool is the fact that it doesn’t need boot image signatures to validate clean images. Here is where Cylance’s AI technology comes into play, allowing it to detect infected images using dynamic mathematical models.
“The Dell Data Protection | Endpoint Security Suite Enterprise is the only endpoint security suite available today that integrates Cylance technology that employs artificial intelligence to protect against the execution of advanced persistent threats and malware including zero-day attacks, and targeted attacks such as spear phishing and ransomware,” said the two companies in a joint statement.
Customers that want this feature will have to purchase a special Dell Data Protection | Endpoint Security Suite Enterprise license.