White Papers
Table Of Contents
- Dell Trusted Device Installation and Administrator Guide v3.6
- Contents
- Introduction
- Requirements
- Download the software
- Verify the installation package
- Installation
- Uninstall Trusted Device
- BIOS Verification
- Image Capture
- BIOS Events & Indicators of Attack
- Security Risk Protection Score
- Intel ME Verification
- Integration
- Run the BIOS Verification Agent
- Results, troubleshooting, and remediation
Live Query
Live Query enables security teams to query and report the state of the BIOS to determine if it is compromised. The Live Query
integration with Trusted Device is available with the Carbon Black Audit and Remediation service (formerly LiveOps). Carbon
Black now recommends the Dell SafeBIOS Verification Status query which reports on the BIOS verification status for each
endpoint per Sensor Group. For specific information about how to access this query, see the Carbon Black documentation.
Live Response
In circumstances where SafeBIOS Verification returns a failure, the Trusted Device agent automatically captures the BIOS image
for use in endpoint investigation. Carbon Black Live Response can be used to retrieve the captured BIOS images regardless of
an endpoint's quarantine status.The Live Response integration with Trusted Device is available with all Carbon Black products.
These scripts and implementation instructions are available for download at the Carbon Black GitHub.
32 Integration