FIRST is based on a peer-to-peer network governance model, where Computer Security Incident Response Teams (CSIRTs), Product Security Incident Response Teams (PSIRTs) and independent security researchers work together across borders to limit the damage of security incidents. This requires a high degree of trust – fostered by FIRST through its distributed governance as well as the various activities it promotes. This model also fosters inclusiveness and ownership, by inviting membership from all geographic and cultural regions.

And today, we are pleased to share that after the completion of a rigorous application process, we have joined the global FIRST team. Notably, AMI is the first independent BIOS vendor (IBV) to gain admission to the Forum.

“As the Chair of the FIRST Board of Directors, it is my great pleasure to welcome AMI as a new full member to FIRST. With its deep experience at the forefront of firmware security and incident response, we are confident that AMI will make an immediate and meaningful impact as a FIRST member,” said Tracy A. Bills, Chairperson of the FIRST Board of Directors.

Recognizing the importance of its admission, Samuel Cure, Chief Information Officer at AMI commented that “As the first IBV to receive this honor, we are extremely proud to become a member of FIRST. We strongly believe that our many decades of leadership and expertise in firmware and platform security will bring a unique and effective perspective to this important work.”

About FIRST

FIRST is the Forum of Incident Response and Security Teams, whose members have resolved an almost continuous stream of security-related attacks and incidents including handling thousands of security vulnerabilities affecting nearly all of the millions of computer systems and networks throughout the world connected by the ever-growing Internet. FIRST brings together a wide variety of security and incident response teams including product security teams from the government, commercial, and academic sectors. Learn more at https://www.first.org/about/.

The post AMI Is First Independent BIOS Vendor to Join the Forum of Incident Response and Security Teams (FIRST) appeared first on AMI.

The post Hardwear.io Security Training and Conference USA 2025 appeared first on AMI.

In a way, talking about information and data security is like talking about brushing one’s teeth: we all know it is important, and exhibiting consistency and strong daily habits is essential to avoid catastrophic issues (and pain!) in the future.

At AMI, as developers of critical system firmware for all types of compute platforms worldwide – from servers to notebooks to industrial computers and beyond – we have a deep understanding of the importance of assuring our customers, platform end-users and the industry at large that we are adhering to the highest standard of security practices and benchmarks.

That’s why AMI participates in security performance monitoring by SecurityScorecode, a real-time security score monitoring organization based in the US. AMI is proud to consistently receive an “A” rating, earning a score of 95/100 or higher, as updated in real-time on the AMI Trust Center section of our website.

What is SecurityScorecard?

SecurityScorecard bills itself as “the largest proprietary risk and threat intelligence dataset on the planet.” Its mission is to “make the world a safer place by transforming the way the world measures and manages cybersecurity risk across the entire digital ecosystem.”

It does so by providing real-time security score data for monitored organizations and allows participants to display that score as a measure of their security posture, as well as examine any areas of deficiency. A detailed breakdown of the methodology used by SecurityScorecard to calculate an organization’s score can be found at Trust – SecurityScorecard.

The Benefits of SecurityScorecard

As part of holistic security practices, businesses and organizations should regularly evaluate the SecurityScorecard of their hardware, software, and firmware vendors to streamline their vendor risk management program. A SecurityScorecard offers real-time, comprehensive cybersecurity ratings that:

Continuously Monitor Third-Party Risk

SecurityScorecard allows organizations to assess the cybersecurity posture of vendors, partners, and supply chains, helping to prevent breaches that originate from external relationships. With continuous monitoring, organizations stay on top of security incidents or security score changes early – sometimes before attackers exploit the gaps – reducing friction in third-party risk processes.

Get an Independent, Objective View

The SecurityScorecard platform provides an outside-in view of your own organization’s security health, identifying vulnerabilities you may not catch internally.

Prioritize and Remediate Threats Faster

The comprehensive scoring system highlights critical weaknesses across areas like application security, network security, DNS health, and patching cadence, helping teams prioritize remediation efforts.

Support Compliance and Regulatory Requirements

Security ratings can support frameworks like NIST, ISO, GDPR, and CMMC by offering documented, measurable evidence of cyber risk management.

AMI’s Commitment

“We are extremely proud of our continued A-level rating with SecurityScorecard. Our AMI security team works tirelessly to maintain a strong security posture, and this rating reflects our deep dedication and effort. So foremost I would like to thank the team for its hard work in achieving this rating. I also want to assure our customers, partners, and end users that we will continue to apply the same level of discipline and effort to uphold these results with SecurityScorecard going forward,” said Samuel Cure, AMI Chief Information Officer.

We encourage OEMs, ODMs and our partners and customers to strongly consider a firmware vendor’s security rating when selecting a partner for a system development project of any kind. Doing so will ensure that sensitive customer data and IP is safe and secure, and that products are designed and released in line with the best data safeguarding practices.

The post AMI Receives “A” Grade for Holistic Security Practices by SecurityScorecard appeared first on AMI.

The post Authority Magazine Interview with AMI CISO Samuel Cure appeared first on AMI.

The post Cybersecurity Executive Samuel John Cure Joins AMI as Chief Information Security Officer appeared first on AMI.

This Interagency Report outlines hardware-enabled security techniques and technologies for safeguarding and improving container deployments in multi-tenant cloud environments. It also describes a proof-of-concept implementation of this approach using the AMI TruE® Platform Security Solution from AMI. This proof-of-concept is intended to be a blueprint or template for the general security community to follow in data center and enterprise cloud environments. The publication is targeted towards security professionals, system administrators and other information technology (IT) professionals for cloud service providers along with hardware, firmware, and software developers and is now available on the NIST and National Cybersecurity Center of Excellence (NCCoE) websites at the following locations:

https://csrc.nist.gov/publications/detail/nistir/8320a/draft

https://csrc.nist.gov/news/2020/draft-nistir-8320a-safeguarding-containers

https://www.nccoe.nist.gov/projects/building-blocks/trusted-cloud

https://www.nccoe.nist.gov/news/announcements

Stefano Righi, Vice President of Global Software, Security Engineering & Services at AMI, commented that “As platforms operating in data center and enterprise environments become more complex and more onboard components require their own firmware, the need to verify and secure platform firmware and software has never been more important. And with security threats becoming more widespread at the firmware level, cloud providers must be able to ensure the integrity of platform firmware from installation and bootup to ensure their tenants’ security concerns are satisfied. Both cloud providers and tenants require assurance that all platforms in the data center are secure, and this Interagency Report document outlines a simple and effective hardware-enabled security solution with AMI TruE to do so.”

“To meet the growing need for firmware-level security, the AMI TruE Platform Security Solution from AMI delivers holistic datacenter security solutions using Intel® Security Technologies and Intel® Security Libraries for Data Centers to provide a true trusted environment for cloud execution in the enterprise and data center,” said Joseprabu Inbaraj, Senior Director of Marketing at AMI. “We are pleased to have this opportunity to collaborate with security thought leaders once again to develop a prototype approach using AMI TruE that will help meet this expanding threat and we look forward to see how the industry will adopt it going forward.”

For more information on the AMI TruE Platform Security Solution, please contact AMI via ami.com/contact or call 1-800-828-9264 to speak with an AMI Security Solutions Expert.

About NCCoE
The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology addresses businesses’ most pressing cybersecurity problems with practical, standards-based solutions using commercially available technologies. The NCCoE collaborates with experts from industry, government and academia to build modular, open, end-to-end reference designs that are broadly applicable and repeatable.

All trademarks and registered trademarks are the property of their owners in the US and other countries.

The post AMI Collaborates on New NIST Interagency Report 8320A on Hardware-Enabled Security in Multi-Tenant Cloud Environments appeared first on AMI.