Sepio | Resources | Case Studies

Zero Trust Hardware Access – Case Study Brief

Zero Trust Hardware Access

HAC-1 implements a Zero Trust Hardware Access policy by verifying the device’s true identity with physical layer (L1) information. Extensive built in threat intelligence database for known-to-be-vulnerable devices provides additional valuable risk scoring.

A Man in The Middle hardware attack over a network printer in a financial institution. In this case, a Raspberry Pi 4, configured in transparent bridge mode, spoofing a legitimate printer. Leaking PCL files being sent to the enterprise’s network printer. Exfiltration was done through the built-in AP functionality in the RP4 device.

Enterprises are challenged with gaining accurate visibility into hardware assets, especially in today’s extremely challenging IT/OT/IoT environment. In order to address this challenge, ultimate visibility into your Hardware assets is required, regardless of their characteristics and the interface used for connection as attackers. Sepio is the leader in visibility, control and mitigation of hardware assets and is disrupting the cybersecurity industry by uncovering hidden hardware attacks operating over network and USB interfaces. HAC-1, which orchestrates Sepio’s solution, identifies, detects and handles all network devices including peripherals; no device goes unmanaged.

Download Case Study
May 2nd, 2021