Endpoint/Device Security, API security

ESET Announces UEFI Research, Solutions Ahead of RSA 2024

Next week at the RSA Conference in San Francisco (May 6–9), ESET will spotlight critical vulnerabilities in the Unified Extensible Firmware Interface (UEFI) security and “AI-native” remediation solutions, according to a news announcement on Tuesday. Martin Smolár, a malware researcher at ESET, will highlight the discovery of the BlackLotus UEFI bootkit in a talk on May 7. This session is aimed at addressing the escalating number of UEFI threats which, despite their increasing prevalence, remain overlooked by many organizations.

By taking control of the OS boot process, UEFI bootkits allow attackers to operate under the radar, bypassing standard security measures. "The security risks at this critical computing layer are often ignored, yet the threats are real and growing more sophisticated each year," said Michal Jankech, VP of SMB and MSP segments at ESET.

ESET claims that its solutions -- ranging from XDR, threat intelligence, MDR -- will offer MSPs flexible programs designed to cater to both small and large customers. ESET says it will share more about its “API integration program” next week along with updates to its partner programs that include tier-based volume pricing and real-time license usage tracking.