To provide best-in-class device integrity monitoring, augmented with the world’s best vulnerability research.
To aid incident responders, promote operational hygiene and help meet compliance requirements.
To fortify the supply chain with our patented Trapezoid Marker technology.
Firmware and Device Integrity Monitoring for the Enterprise
We founded Trapezoid in 2012 to solve the problem of “zero visibility” into the hardware and firmware layer.
Nation-states have been weaponizing firmware attacks worldwide for more than a decade. Yet traditional security tools only counter attacks at or above the operating system. The lack of security focus below the OS has allowed bad actors to freely exploit this powerful attack vector. This is a threat to government, critical infrastructure, industrial and financial sectors alike.
The team at Trapezoid is proud to be considered thought leaders in this emerging threat space. Since launching the company, we have worked with industry, education and government entities on this problem. With their feedback, we developed Trapezoid FIVE to address what is now referred to as “vulnerabilities below the operating system” or VBOS. While VBOS has been completely overlooked for many years, it has emerged as a major national security issue that organizations can no longer ignore.
When we started the company, we did not know what kind of data we could analyze for indicators of compromise below the OS. We first focused on X86 servers. Our initial market approach was to provide visibility below the OS to secure cloud production environments.
While customers saw the value in that, they wanted visibility below the OS across the entire enterprise. Our problem was our data schema was not flexible enough to add new device types without major changes. Trying to add network gear to a platform designed for server architecture did not work! We soon realized that creating a taxonomy for each device type was not the answer. So, we had to rethink our platform so we could ingest data from and monitor any type or class of device, be it IT, OT, or IoT. The redesign took a lot of thought but resulted in the current version of our product, which is an excellent forensics tool.
Next, we evolved Trapezoid FIVE from a forensics tool to a VBOS information platform. With all the data we capture across device types, we are now modeling the behavior of each device to identify indicators of compromise. We then convert that data to actionable information available via operational dashboards and reports. We are proud that through this evolution our platform can give government, critical infrastructure and commercial enterprises comprehensive visibility to VBOS across their entire environments.
Learn More about Trapezoid