Skip to content

Looking for Vulnerabilities Below the OS? Check Out Intel® Device Heath

Play Video

How do you ensure PC endpoints remain secure?

In this InTechnology video, Camille talks with Novin Kaihani, Senior Director and GM of Client Software Products at Intel, about Intel® Device Heath. They get into the challenges of cybersecurity at the OS level and below, along with how endpoint vulnerability management works.

About Intel® Device Heath:

Today’s organizations often lack complete visibility into the health and security of their PCs, especially below-the-OS. Typical PC scans focus on vulnerabilities found in OS and applications levels. Few have the expertise to decode areas of vulnerability in the firmware and hardware levels, yet this where attacks can be catastrophic. Intel Device Health is a cloud service that uses telemetry at the firmware and hardware levels to complete the picture of a PC’s overall risk from vulnerability. To learn more about implementing Intel Device Health throughout your fleet, connect with an Intel, VMware, or Eclypsium sales rep.

Challenges in Cybersecurity at the Operating System Level and Below

Novin discusses the prevalent focus on securing application-level vulnerabilities while pointing out the inadequate attention given to the operating system (OS) level and deeper layers. The challenge arises in pinpointing vulnerabilities within firmware, microcode, drivers, and other intricate areas. To address this issue, Intel and Eclypsium have collaborated to offer a comprehensive endpoint security solution with Intel® Device Heath, which aims to bridge the existing security gap and enhance protection for customers. Intel specializes in detecting vulnerabilities beneath the OS level and relays these findings to Eclypsium, which then confirms these vulnerabilities and implements patches or corrective measures.

Understanding Endpoint Vulnerability Management

Camille and Novin explore the methodology behind identifying and managing vulnerabilities below the OS level with Intel® Device Heath. Novin outlines a straightforward process that involves scanning platform data, matching it against a vulnerability database, and alerting entities like Eclypsium for remediation. Despite the simplicity of these steps, the real challenge lies in identifying these vulnerabilities in practical, real-world environments as opposed to controlled laboratory settings. While there are numerous vulnerability catalogs, distinguishing accurately among known vulnerabilities for specific endpoints remains a complex task. Novin describes how a team of engineers, supported by some automation, conducts most of the verification work manually. This approach to managing endpoint vulnerabilities caters to IT departments and businesses of all sizes, offering the advantage of integrating seamlessly with existing security solutions without necessitating additional downloads or installations.

Novin Kaihani, Senior Director and General Manager of Client Software Products at Intel

Novin Kaihani Intel Device Health endpoint vulnerability management OS security

Since 2021, Novin has held the position of Senior Director and General Manager of Client Software Products at Intel. His journey with Intel began in 2004 when he joined as a Network Engineer, a role he held until 2007, and has been consistently with the company since 2008. Throughout his tenure at Intel, Novin has occupied several key positions, including Director and Chief of Staff & Technical Advisor for the Commercial Client Group, as well as Director of Product Management & Business Strategy for the Data Center Group. He holds a Cisco Certified Network Associate certification and earned his finance degree from Portland State University.


Check it out. For more information, previous podcasts, and full versions, visit our homepage.

To read more about cybersecurity topics, visit our blog.

#DeviceHealth #OSsecurity #endpointsecurity

The views and opinions expressed are those of the guests and author and do not necessarily reflect the official policy or position of Intel Corporation.


If you are interested in emerging threats, new technologies, or best tips and practices in cybersecurity, please follow the InTechnology podcast on your favorite podcast platforms: Apple Podcast and Spotify.

Follow our host Camille @morhardt.

Learn more about Intel Cybersecurity and Intel Compute Life Cycle (CLA).