Steve Kenniston presented for Dell Technologies at Security Field Day 13
The presentation took place on May 28, 2025, from 8:00 to 10:00.
Presenters: Adam Miller, Arun Krishnamoorthy, Justin Vogt, Sameer Shah, Steve Kenniston
Follow on Twitter using the following hashtags or usernames: #XFD13
Dell Technologies Security Strategy Overview
This session will cover Dell’s overall strategy for cybersecurity, including reducing the attack surface, detecting and responding to cyber threats, and recovering from a cyberattack.
In this presentation at Security Field Day 13, Dell Technologies provided a comprehensive overview of their cybersecurity strategy, emphasizing the concept of “advanced cybersecurity maturity.” The speakers explained that Dell aims to help customers progress in their cybersecurity posture by embedding security from the ground up—starting with the supply chain and extending through endpoints, infrastructure, and services. With the rise of AI, the attack surface has expanded, and bad actors have gained access to more sophisticated tools. In response, Dell focuses on three strategic pillars: reducing the attack surface, detecting and responding to threats, and ensuring rapid recovery. Their approach includes building secure hardware (claiming the most secure commercial and AI PCs), utilizing industry-vetted security partnerships, and providing services that align with the Zero Trust model.
Dell’s reduction of the attack surface involves enforcing strong cyber hygiene, emphasizing practices such as regular patching, encryption, multi-factor authentication, and network segmentation. The company views cybersecurity as not only technological but procedural, with detection strategies that incorporate AI/ML-enhanced XDR tools and, where possible, managed detection and response (MDR) services. Their hardware is designed with security baked in, including features like firmware verification and behavioral detection at the BIOS level. They also stress the importance of monitoring, both with built-in capabilities and via partner integrations. Dell aims to give customers not only preventative tools but also detection systems that assume eventual breach, shifting focus toward resilience.
Recovery, as Dell sees it, is the ultimate goal and involves both technology and process readiness. Their solutions include air-gapped cyber vaults and services that support incident response planning, communications, and business continuity. For Zero Trust, Dell supports two paths: an incremental uplift approach for customers with existing investments, and Fort Zero, a pre-certified private cloud solution aligned with the U.S. Department of Defense’s Zero Trust architecture. Fort Zero integrates hardware and software from vetted partners and is delivered as a turnkey system. Dell also supports brownfield environments through consulting services and maturity-based architecture planning. Overall, the presentation framed cybersecurity not as a static goal but as a continual process of improvement, which is rooted in practical frameworks, backed by technology, and supported by Dell’s ecosystem of services and partners.
Personnel: Adam Miller, Sameer Shah, Steve Kenniston
Dell Technologies Endpoint Security
When it comes to security at the endpoint, we will discuss how Dell helps to keep your organization safe.
In this session, Dell Technologies presented a deep dive into their commercial PC endpoint security capabilities. Justin Vogt and Adam Miller outlined how Dell’s approach spans secure manufacturing, below-the-OS threat detection, hardware-based credential protection, and direct integrations with industry-leading security tools. Their security strategy is rooted in building a trusted platform from the supply chain up, with controls like Dell’s SafeBIOS for firmware verification, SafeID for dedicated credential storage, and tamper-evident delivery methods. These security layers are automatically embedded in Dell commercial devices like Dell Pro and Dell Pro Max, which are built with telemetry and validation mechanisms that detect firmware tampering and alert security teams proactively.
Dell also emphasized integration with silicon partners, especially Intel, to gain visibility into memory at the hardware level, bypassing potentially compromised operating systems. Unique capabilities such as off-host firmware verification and BIOS indicators of attack give organizations the ability to detect abnormal behavior even before standard security tools are active. Beyond detection, Dell helps customers with incident response by enabling forensic data capture and supporting secure recovery. These capabilities are made actionable through direct integrations with platforms like Microsoft Intune, CrowdStrike, and Absolute, so customers can manage and respond to threats using tools they already know. All this is offered without additional cost, and Dell provides both a hardware and software bill of materials to ensure transparency and trust in every device.
Complementing their built-in security, Dell offers optional managed services to help customers who may not have mature security operations. Their customer security operations center can monitor hardware-level data and support incident response and recovery, even on non-Dell environments. With a focus on reducing mean time to detect and respond, Dell positions itself not only as a hardware vendor but as a security partner. The presentation highlighted Dell’s ethos of proactive defense, transparency, and support, driven by both product capabilities and service expertise. Customers can rely on Dell for end-to-end security, from foundational hardware assurance to advanced telemetry and threat remediation.
Personnel: Adam Miller, Justin Vogt
Dell Technologies AI Security with Arun Krishnamoorthy
AI has become one of the hottest topics in IT. Learn how Dell can help you make sure that as you deploy AI solutions, you do it in a secure manner.
Dell Technologies emphasizes that security is a critical aspect of their journey in accelerating customer outcomes, whether through private and hybrid cloud solutions or advancements in AI. They have established the Dell AI Factory to mass-produce AI solutions at scale with high quality and efficiency, bringing together Dell’s infrastructure, including AI PCs and data center components (compute, storage, GPU-enabled with partners like Nvidia, Intel, and AMD), along with an ecosystem of AI-enabled partners. This comprehensive approach aims to help customers accelerate their AI innovation and achieve faster time to market, recognizing security as a day-zero conversation for successful AI deployment.
Dell highlights the evolving landscape of AI, from traditional AI to generative AI and the emerging agentic AI. With agentic AI, applications will increasingly think for themselves and exercise judgment with minimal human intervention, posing significant security challenges. To address these evolving risks, Dell advocates for a cross-functional architectural approach involving IT, business, data, and security teams from the outset. They stress the importance of organizing and securing data, which fuels AI models, and implementing robust governance. The company is developing an architecture to secure AI deployments, from model training and data organization to runtime environments on-premise, in the cloud, or on AI PCs, acknowledging the shift of AI use cases to the edge.
Dell’s security strategy for AI focuses on making security and resilience an architectural design choice, providing services like strategic advisory, implementation, and continuous threat management. They offer a virtual CISO for AI, data security posture assessment to identify and reduce AI-related risks like data poisoning and prompt injection, and managed security services, including managed detection and response (MDR). Their MDR service provides full-stack visibility, proactively monitoring infrastructure, data protection environments, and cloud/container levels for threats. Dell is also partnering to develop an “AI proxy” or “AI firewall” for deep prompt-level inspection, compliance violation assessment, and malicious code detection, and offers penetration testing against OWASP Top 10 AI vulnerabilities, emphasizing a proactive and collaborative approach to securing AI implementations.
Personnel: Adam Miller, Arun Krishnamoorthy
Dell Technologies Infrastructure Security with Steve Kenniston
Having a secure and resilient infrastructure gives organizations the confidence they need to innovate. Dell helps organizations stay safe and secure, today and into the future, by manifesting a comprehensive security strategy across three core pillars: modern workspace (PCs), modern data center (storage, servers, data protection, networking, HCI), and AI. This holistic approach, known as the Dell Technology Advantage (DTA), integrates security and sustainability across all three components. A dedicated development organization within Dell focuses on creating consistent security capabilities across their entire portfolio, aiming to reduce tool sprawl and provide a unified management experience for customers, including consistent operating systems across appliance solutions for predictable security implementation.
Dell’s infrastructure security strategy aligns with a “reduce attack surface, detect and respond, and recover” framework. To reduce the attack surface, Dell’s servers incorporate features like system lockdown, signed firmware updates, and dynamic USB control, while networking solutions leverage cryptography and secure authentication. For detection and response, features like iDRAC on servers and BIOS live scanning are used to continuously monitor for changes and send notifications upon physical chassis penetration. In terms of recovery, Dell ensures valid recovery points, scans data before recovery, and offers capabilities like scanning snapshots on primary storage for early threat detection and quicker recovery of business-critical data, complementing their data protection solutions with immutable vaults and isolation.
Dell also emphasizes a zero-trust approach, building capabilities into each solution set to support customers in creating zero-trust environments. While they clarified that “certification” by the Department of Defense is better termed “validation,” Dell’s Project Zero architecture adheres to the DOD’s zero-trust guidelines, having undergone testing and validation against their COA3 for on-prem infrastructure. This validation process involved implementing hardware that the DOD could pen-test and validate against various security controls. Additionally, Dell has partnered with CrowdStrike to enhance threat detection within backup environments, identifying over 70 types of attacks and sending actionable intelligence to SIEMs, thus shifting from reactive incident response to proactive detection and providing comprehensive recovery services through their integrated support and engineering teams.
Personnel: Adam Miller, Steve Kenniston