Security Weekly

Supply Chain & Firmware Security – Xeno Kovah – PSW #811

Full Audio

View Show Index

Segments

1. Supply Chain – PSW #811

Hosts

Bill Brenner
Bill Brenner
Senior Vice President, Audience Content Strategy at CyberRisk Alliance
Jeff Man
Jeff Man
Sr. InfoSec Consultant – Online Business Systems at Online Business Sytems
Josh Marpet
Josh Marpet
Executive Director at RM-ISAO
Larry Pesce
Larry Pesce
Product Security Research and Analysis Director at Finite State
Matt Alderman
Matt Alderman
Chief Product Officer at CyberSaint

2. Learning About Firmware Security – Xeno Kovah – PSW #811

Sponsored By

Eclypsium

Guest

Xeno Kovah
Xeno Kovah
Founder at OpenSecurityTraining2

Xeno began leading BIOS security research projects at MITRE in 2011. His team’s first public talks started appearing in 2013, which led to a flurry of presentations on BIOS-level vulnerabilities up through 2014. In 2015 he co-founded LegbaCore. And after presenting a firmware worm that could spread between Macs via Apple’s EFI-based BIOS and Thunderbolt Ethernet adapters, he ended up working for Apple. There he worked on securing all the lesser-known firmwares on Macs and peripherals – everything from 3rd party GPUs to SecureBoot for monitors! He worked on the x86-side of the T2 SecureBoot architecture, and his final project was leading the M1 SecureBoot architecture – being directly responsible for designing a system that could provide iOS-level security, while still allowing customer choice to trust arbitrary non-Apple code such as Linux bootloaders. He left Apple in Dec. 2020 after the M1 Macs shipped, so he could work full time on OpenSecurityTraining2.

Host

Scott Scheferman
Scott Scheferman
Principal Cyber Strategist at Eclypsium