Trapezoid
A Revolutionary Enterprise-wide Platform for Device Integrity Monitoring
OVERVIEW
Transform Your Enterprise Security with Continuous Firmware Monitoring
Trapezoid® FIVE is the world’s first enterprise security platform for continuously monitoring IT, OT and IoT devices across your network. It helps organizations evaluate firmware anomalies and identify vulnerabilities below the operating system that could be an indicator of compromise.
With Trapezoid FIVE, you can see the firmware health of your enterprise at a glance, while tracking vulnerabilities, events and critical alerts in real time.
Trapezoid gives you the insights you need to pinpoint enterprise-wide firmware security threats, produce compliance reports for auditors, and manage the operational hygiene of your entire firmware enterprise from a single pane of glass.
Gain Visibility
With Trapezoid FIVE, you get complete visibility into the firmware layer of security for your entire enterprise. With that visibility you can operationally manage your environment, respond to indicators of compromise and achieve your cybersecurity compliance requirements.
Identify Indicators of Compromise
Trapezoid FIVE forensically monitors devices for changes that can be evaluated to determine whether there is an indicator of compromise. By tracking the behavior of a device versus its taxonomy, we can intelligently analyze every device on your network and determine if it has been compromised.
Enhance your Operational Hygiene
With the flexible analytics-driven dashboard, Trapezoid FIVE can help you mitigate risk throughout your environment by managing vulnerabilities, identifying your high priority assets, and using actionable, real-time intelligence to make decisions.
Good operational hygiene, is good security, which is good compliance.
CAPABILITIES
Transform Your Cybersecurity by Monitoring Every Device on your Network – IT, OT, or IoT
The list includes but is not limited to…
Information Technology (IT)
- Servers
- Switches
- VPNs
- Workstations
- Laptops
- Printers
- Routers
- Storage devices
- Hard drives
- Firewalls
Operational Technology (OT)
- Pipelines
- PLCs
- SCADA devices
- Manufacturing equipment
- Nuclear device controllers
- ATMs
- Weapons systems
- Critical infrastructure
- Medical devices
- Aircraft and drones
Internet of Things (IoT)
-
Phones
-
Tablets
-
Lighting systems
-
Televisions
-
Appliances
-
Automobiles
-
Networked coffee pots
CAPABILITIES
Behavior, Not Taxonomy, is the Power of Trapezoid FIVE
Trapezoid’s industry-leading approach to gauging device integrity tracks devices based on the behavior not the taxonomy of individual devices. We monitor devices based on the Trapezoid Quadrants of Integrity to deliver a best-in-class analysis that gives users critical information they need to investigate a device, determine if it has in fact been compromised, and remediate it.
Hardware
Detects and physical changes to that device such as HDD, memory, or a board change. These device hardware changes can then be investigated to determine if they were in fact authorized or if that device has been tampered with and should no longer be trusted. Any unauthorized changes in the hardware of a device can introduce malicious code and can be considered an indicator of compromise.
Firmware
Monitors OEM firmware integrity artifacts to determine if it is in fact a known good version. We check the National Vulnerability Database (NVD) for any known vulnerabilities. We also monitor for any changes that have occurred to that firmware and alert to that effect.
Configuration
Monitors for any configuration changes such as security password and encryption changes which can be an indicator of compromise.
Operational Metrics
Monitors changes in power consumption, bandwidth usage, processing load, abnormal boot cycles, and heat signature. All of these operational metrics can be an indicator of compromised firmware.
CAPABILITIES
Best-in-Class Research Powers the Trapezoid FIVE Platform
There will be over 68 billion IoT devices alone in circulation by 2022. No single company could ever possibly research the firmware of every single manufacturer and device class and type in the world across all IT, OT, and IoT devices. So we built a powerful multi-tenant platform for monitoring any device type and applied an industry-leading approach to evaluate those devices on your network.
Our platform can utilize OEM whitelists, the National Vulnerability Database (NVD) and third-party independent research teams, as well as custom research done by our customers to deliver vulnerability information directly into your Trapezoid FIVE feed.
The result? You get to see threat alerts and indicators of firmware compromise based upon novel device behavioral analysis mapped against the best available research from the leading firms in the industry.
KEY FEATURES
What Makes Trapezoid FIVE the Industry Leading Device Integrity Monitoring Platform
OEM and Device Agnostic
Monitors IT, OT and IoT networked and air-gapped devices for indicators of compromise across four quadrants of integrity.
DoD COTS Certified
Certified by the Department of Defense as a commercial off the shelf product for procurement.
Flexible Deployment
Multi-tenancy ready, deployable in the cloud, on-prem, or in a hybrid model.
Capable of Big Data Analysis
Runs data science tools directly, requires no ETL for data preparation.
Easy to Install
Deployable as an appliance and can be installed in a little as 5 minutes.
Built for Compliance
Meets or exceeds all major cybersecurity frameworks for the continuous monitoring of firmware, including NIST SP 800-53, FISMA, FEDRAMP, HIPAA, HITRUST CSF, PCI DSS and GDPR.
Lightweight and Agentless
Monitoring in real time without the use of an agent speeds installation time, and user definable device polling reduces network traffic to near zero performance impact.
Single Pane of Glass Monitoring
Receive alerts through your existing SEIM platform or drill down into our user interface for additional forensic investigation.
Multiple Patents
Three foundational patents ensure Trapezoid’s unique ability to capture and display device data, match it against known research, and alert security teams effectively.
Information Driven Dashboard
Intuitive UI gives you multiple views into your enterprise firmware below the OS at-a-glance with rolled up metrics, and drill-down capabilities to view the behavior of any specific device.
Seamless Integration
Integrates with a variety of industry leading cybersecurity applications and allows for new integrations with ease using our published API.
Custom Reporting Engine
Standard reports can be customized to highlight any data you prefer, or create custom reports to track specific operational hygiene, incident response, compliance or supply chain integrity metrics.
Best in Class Research
Trapezoid FIVE ingests research from best in class industry sources to enhance our monitoring capabilities, pulling from the National Vulnerability Database, OEM white lists, independent research, and even client-specific research.