Your endpoint security might be bulletproof, but what about the hardware and firmware layers running underneath it?
In this interview, recorded at RSAC 2026 Conference, Brian Dunphy from Eclipsium discusses with us a growing threat that most organizations aren’t even monitoring: attacks targeting the physical hardware infrastructure that traditional security tools completely ignore.
While enterprises focus on protecting their operating systems and applications with EDR, antivirus, and zero trust solutions, attackers have found a new soft target. Network infrastructure, server firmware, and hardware components lack the security controls that endpoints enjoy.
What you’ll discover in this video
The conversation goes into why the hardware security gap exists and what makes it so dangerous. You’ll learn about specific attack vectors that are seeing dramatic increases in exploitation attempts, including one category of devices that experienced an 8x surge in attacks over just the past year.
The conversation further explores how organizations can verify that their hardware hasn’t been compromised, even when dealing with complex supply chains and multiple vendors. You’ll discover what hardware bill of materials (HBOM) and firmware bill of materials (FBOM) reveal about your infrastructure, and also that theoretical vendor documentation isn’t enough.
For those managing critical infrastructure, the discussion covers challenges in OT environments where decade-old systems can’t be easily patched, and why the common belief in air-gapped networks is largely a myth. Dunphy also goes into what actually protects those bridges between IT and OT environments, and what happens when that protection fails.
Key topics covered
- Why network edge devices represent the highest exploitation risk and what makes them such attractive targets
- How attackers persist at the hardware level even after OS reimaging
- The role of supply chain security in preventing firmware-level compromises
- What data center operators and NEO cloud providers need to verify before moving infrastructure between customers
- How AI infrastructure and GPU farms introduce new hardware security requirements
- Why IoT devices are becoming the next major attack vector
- How security teams can gain visibility into hardware integrity without requiring deep technical expertise
Whether you’re a CISO evaluating security priorities, a data center operator fielding increasingly detailed RFPs, or a security professional wondering why hardware attacks are suddenly everywhere, this interview provides crucial context for understanding a threat landscape that’s evolving faster than most organizations realize.
Watch now to discover why blind trust in hardware vendors is no longer acceptable, and what you can do about it.