Protecting Organizations Against Device Supply Chain Attacks


Secured organizations are relatively protected against cyber-attacks on their networks, applications and data infrastructure. These organizations have implemented multi-layered security infrastructures that include firewalls, IDS, IPS, email security, endpoint security suites and others that block most known cyber-attacks from the outside and inside.


On the other side, the cyber-attackers continually seek new attack vehicles to carry their attacks and have found device supply chains to be an easy entry point to organizations. These attackers have become experts in penetrating legitimate supply chains and manipulate devices before they are delivered to the customer. They have also found ways to penetrate the upgrade process and manipulate devices after installation. Organizations consider their supply chains to be complex; they are. They do not have control over the route from manufacturer to their facilities—subcontractors, component suppliers, distribution channels and carriers, integrators and installers can each serve as an attacker’s entry point.




Sepio’s supply chain security suite protects your organization from the effect of the attack—instead of trying to prevent it. The suite stops rogue hardware before it damages the normal operation of the organization or degrades system performance. Leveraging hardware, software and cloud technology, it protects organizations against device supply chain attacks.


The Sepio three step solution:


  1. Detects by comparing expected vs. actual, based on the whitelist rules engine.

  2. Blocks any illegal device or activity across the organization.

  3. Reports to the existing SIEM and to the cloud service.

True Air-gap Hardware


  • Hardware Air Gap isolation between the “risky” (non-secured) and the “safe” (secured) sides.

  • Allows data to run only in one direction preventing misuse of the port (i.e. when a keyboard—with a hidden cellular modem—is connected to a computer, the network is exposed).

  • Blocks the port if a threat was discovered and upon disconnection of the Sepio security device.

Full Visibility and Control


  • Software agents for securing the infrastructure against rogue devices.

  • Real-time global red alerts based on a threat intelligence service.

  • Organization wide threat-level dashboard.

  • Centralized console, SIEM integration.


© 2016 Cyber Sepio Systems LTD   All rights reserved.  Owned and operated by Cyber Sepio Systems LTD

Privacy Policy

Terms of Use