man who found exit
Control the firmware with Trapezoid and
Trapezoid® Firmware Integrity Verification Engine (FIVE) is the first integrity monitoring solution designed to detect and alert on attacks and malware affecting BIOS and firmware to meet NIST SP 800-53 and 53A baseline controls.

Compromised Firmware can lie,
spy, steal and destroy.


Existing tools largely overlook firmware.

Firmware is consistently unmonitored and unprotected.

Firmware has the most permissions of any code on your system.

Firmware’s level of privilege increases the potential of an attack.

One entrance into your organization is failure.

Once an attacker gains entrance, an event can occur any time without you knowing.

Firmware is the Forgotten Software.

Firmware is everywhere…

Firmware is operational technology.

Any software used to control hardware is classified as firmware.

Hardware types and usage dictate their unique catastrophic risks:

  • Bound to Life firmware: Heart rate monitors, cars, and planes.
  • Bound to Privacy firmware: Cameras, baby monitors, and computers.
  • Bound to Disasters firmware: Power grids, cities, and big events.

Periodic updates to firmware for adding features or fixing bugs make it even
more vulnerable to attack.

Firmware is a foundational building block of any operational system
including the device-driven Internet of Things.

Firmware hacks will pull at your heart strings...and your wallet.

Gain control with trapezoid® five


1) Our patented Trapezoid® Marker technology creates a unique “watermark” for each monitored device that cryptographically ties a virtual machine (VM) to any hardware on which it is has ever run throughout its entire lifecycle, and combines applicable policy with expected machine state to detect critical changes in a system’s integrity.

2) Trapezoid FIVE combines user defined policy attributes and changes in firmware to detect fraudulent firmware modifications.


Trapezoid’s Firmware Integrity Verification Engine proactively identifies when organizations are running old or vulnerable firmware and helps define policy for when it must be updated. The portal allows users to dig deeper and visualize the organization from a firmware perspective.

The forensic database with our data science tools will analyze machine data and apply predictive and machine learning algorithms.


Trapezoid integrates with leading security policy management and reporting tools allowing you to incorporate firmware integrity monitoring into your existing security and compliance framework to address unauthorized changes in firmware.

No need to buy more or change what you have; take action when questionable behavior occurs.

trapezoid is the only comprehensive solution

for detecting compromised firmware

  • Trapezoid® FIVE
  • is specifically designed
  • to detect unauthorized
  • changes to firmware
  • across the entire
  • IT infrastructure.

Patented trapezoid® marker machine id remotely
attests to identity & integrity of monitored hardware

for hardware

virtual machines

data boundaries

supply chain verification

federal and commercial compliance

Continuous Firmware Integrity Verification is an emerging critical and urgent element of cyber safety compliance.




Baseline security controls
High Impact Compliance.




Avoid findings of
negligence by failing
to implement cyber
security best practices.




Required protection –
reasonably anticipated
threats & evolving
threat assessments.




Identify and evaluate
evolving malware
threats & malicious
software trends.




Protection by computer
-based policy, enforced
by hardware based
‘roots of trust’.

trapezoid is a security game-changer
for organizations globally

Firmware Integrity

Trapezoid FIVE enables any industry or government agency to:

  • Proactively identify, analyze, and help remediate firmware breaches/unauthorized changes.
  • Identify devices throughout the organization that may not be monitored and enable that continuous supervision.

Trapezoid FIVE contains:

  • Contextual Indexing to quickly respond to audit and compliance requests.
  • Use Trapezoid FIVE with the client or directly via open API access.

Virtual Machine Tracking

Our Marker Technology uniquely identifies / watermarks the hardware and ties it to a virtual machine, which:

  • Helps service providers prove multi-tenancy and enterprises ensure that resources for different business units don’t overlap.
  • Minimizes the attack surface by proving that an infected VM was only located on certain physical servers.
  • Cryptographically tracks where every virtual machine has lived down to the hardware from the time it was created to the time it’s destroyed.

Easily deployed. Immediate benefits.

Trapezoid Leadership

trapezoid management team

The Trapezoid leadership team is comprised of seasoned security and legal professionals from Terremark (now a Verizon company) with extensive experience in incident response, data center security, security operations, cloud security, risk management and compliance. The team’s expertise informs Trapezoid's unique approach to enable the secure and compliant use of private and hybrid cloud services by IT organizations in all market sectors. Trapezoid’s board of directors and advisors is made up of respected technology and security leaders.


CoVant was formed by Joseph Kampf and other former senior executives of Anteon International Corporation to provide capital and operational expertise to technology solutions companies. This team grew Anteon from a $100 million company when acquired in 1996 to a $1.7 billion company when sold in 2006 to General Dynamics.

Work-Bench Ventures is a $10M fund which co-invests in early go-to-market enterprise startups alongside institutional leads. With deep IT backgrounds at leading Wall Street banks, they are at the front and center of the shifting technology landscape and evaluate hundreds of startups a year, onboarding many of them.

DigitalEra is dedicated to providing world-class Security and Compliance and Business Applications Solutions to businesses, the public sector and service providers. The DigitalEra team is comprised of true experts in the industry and are experts in cyber security, threat, and risk management.