Eclypsium Secures $25M to Protect Firmware, Hardware, and AI Infrastructure
Eclypsium, the Portland-based device supply chain security company founded by former Intel security engineers, has raised $25 million in strategic funding, the company announced on March 19, 2026. The round brings Eclypsium's total funding to $110 million and will accelerate expansion into Edge AI devices, AI infrastructure, and further penetration of the financial services sector.
The round was led by PEAK6 Strategic Capital, with participation from Ten Eleven Ventures, Qualcomm Ventures, Pavilion Capital, Singtel Innov8, Sixty Degree Capital, Andreessen Horowitz, and Madrona.
What Eclypsium Does
Founded in 2017, Eclypsium operates below the operating system layer — the firmware, hardware, and supply chain components that most security tools never examine. The company's platform provides:
- Deep device inventory — identifies every hardware component, firmware version, and software package across the infrastructure estate
- Vulnerability hardening — detects known firmware vulnerabilities and misconfigurations
- Threat detection — identifies implants, backdoors, and anomalous firmware behavior
- Incident response — enables forensic investigation and response at the firmware layer
- Lifecycle management — continuous monitoring from device onboarding through production to asset disposition
Eclypsium scans laptops, servers, network appliances, and AI infrastructure for vulnerabilities that exist below the operating system — a layer invisible to traditional endpoint detection and response (EDR) tools, SIEM systems, and vulnerability scanners.
Why This Layer Matters
Firmware attacks are increasingly favored by nation-state threat actors precisely because they persist below the reach of conventional security tools:
- Firmware implants survive OS reinstallation and disk wipes
- Compromised hardware can be shipped pre-infected through complex supply chains
- Firmware vulnerabilities are rarely patched at the same cadence as software CVEs
- Most organizations have zero visibility into the firmware state of their device fleet
Investment Thesis
PEAK6 Co-founder Jenny Just on the Investment
"Eclypsium is a trusted leader in safeguarding both public and private critical infrastructure against the world's most sophisticated threat actors, including nation-states. With its proven technology and deep expertise in supply chain security for IT infrastructure, we believe the company is exceptionally well positioned to help organizations strengthen cyber resilience in the enterprise."
CEO Yuriy Bulygin on Growth
"Eclypsium has achieved tremendous success since its Series C funding — advancing our platform to enterprise-wide hardware infrastructure coverage, significantly expanding our customer base in financial services, insurance, government, AI datacenters, energy and public safety sectors. As securing the hardware supply chain becomes a top global imperative for enterprises and government agencies, this strategic investment accelerates our mission to deliver the industry's most comprehensive protection across every enterprise device."
How the Funds Will Be Used
Eclypsium will direct the investment toward expanding coverage to a growing range of edge and AI-focused device categories:
| Target Segment | Device Types |
|---|---|
| Edge AI Devices | Autonomous network edge appliances, SASE edge, SD-WAN, Access Points |
| AI Infrastructure | GPU servers, NVIDIA BlueField DPU-based appliances |
| Surveillance Hardware | CCTV cameras, 5G networking equipment |
| Core Enterprise | Laptops, servers, network devices (existing coverage, expanded depth) |
The company will also grow channel partnerships to accelerate enterprise adoption.
Key Leadership Additions
Two senior hires were announced alongside the funding round:
Hiep Dang — Vice President, Technology & Research Over 25 years of experience spanning R&D, threat research, and sales at HiddenLayer, Qualys, Cylance, and McAfee.
Brian Dunphy — Vice President, Product Management 20+ years of cybersecurity product leadership at Symantec, RSA, Claroty, and AuthMind, with expertise across XDR, EDR, SIEM, OT, ITDR, and managed security services.
Market Context
The device supply chain security market has grown significantly following a series of high-profile firmware-level attacks:
- Nation-state actors, including several tracked by US intelligence agencies, have been observed deploying firmware implants in routers and network hardware targeting telecommunications and critical infrastructure
- The 2024 Ivanti Connect Secure exploitation campaigns exposed how network appliances — devices that run below the OS layer — can serve as persistent footholds even after remediation efforts
- AI infrastructure has introduced a new attack surface: GPU servers, DPU appliances, and edge AI hardware often run proprietary firmware with limited security vetting
Eclypsium's positioning across all of these categories — traditional enterprise hardware, network appliances, and AI infrastructure — places it at the intersection of the market's fastest-growing security concerns.
The company is scheduled to exhibit at RSAC 2026 at South Hall Booth #226.
Key Takeaways
- Hardware supply chain security is moving from niche to enterprise-essential as firmware attacks by nation-state actors escalate
- AI infrastructure represents the newest frontier for supply chain risk — GPU servers and DPUs run firmware that few organizations currently audit
- $110M total raised signals sustained investor conviction in Eclypsium's category leadership since the 2017 founding
- Qualcomm Ventures' participation is strategically notable given Qualcomm's hardware footprint in enterprise networking and edge computing
- Below-OS visibility remains a critical gap in most enterprise security stacks — Eclypsium is among the few vendors addressing it at scale