Security specialty

Hardware Firmware Security

Browse every cataloged workflow for hardware firmware security, with source context, tags, and security framework mappings intact.

Complete collection

Skills in this domain

4 skills

cybersecuritySkill

Auditing UEFI Firmware with CHIPSEC

Use Intel CHIPSEC to assess platform firmware configuration, SPI flash write protection, BIOS lock, SMM/SMRR, and Secure Boot variable state, dump SPI flash, and triage UEFI variables for firmware-level threats.

Hardware Firmware Security
bios-write-protectionchipsecfirmware-assessmenthardware-firmware-security+4
ATT&CK, 1 mappingNIST CSF, 1 mapping
cybersecuritySkill

Detecting Secure Boot Bypass

Detect bootkits such as BlackLotus and Bootkitty and Secure Boot bypass via DBX and binary checks.

Hardware Firmware Security
blacklotusbootkitchipsecdbx-revocation+4
ATT&CK, 5 mappingsNIST CSF, 1 mapping
cybersecuritySkill

Hunting Bootkits in the EFI System Partition

Baseline the EFI System Partition and hunt malicious EFI binaries (ESPecter, BlackLotus, Bootkitty, Glupteba) by mounting the ESP, hashing and verifying boot loaders, scanning with YARA, and detecting anomalous non-EFI files.

Hardware Firmware Security
bootkitefi-system-partitionfirmware-forensicsmeasured-boot+4
ATT&CK, 1 mappingNIST CSF, 1 mapping
cybersecuritySkill

Validating TPM Measured Boot and Attestation

Verify TPM PCRs and measured-boot and remote-attestation integrity.

Hardware Firmware Security
hardware-firmware-securityintegrity-verificationmeasured-bootpcr+4
ATT&CK, 5 mappingsNIST CSF, 1 mapping