Dell Trusted Device Installation and Administrator Guide v7.2

Dell Trusted Device overview

The Dell Trusted Device (DTD) is a part of the Dell SafeBIOS product portfolio and includes the following features:

• BIOS Events & Indicators of Attack
• Image Capture
• Intel ME Verification
• Secured Component Verification (On Cloud)
• Security Risk Protection Score
• Dell Event Repository and SIEM integration

BIOS Events & Indicators of Attack enables administrators to analyze events in the Windows Event Viewer that may indicate bad actors targeting BIOS on enterprise endpoints. Bad actors change BIOS attributes to gain access to enterprise computers locally or remotely. These attack vectors can be monitored then mitigated through the BIOS Events & Indicators of Attack features' ability to monitor BIOS attributes.

The Intel Management Engine (Intel ME) is an independent micro controller that is built into Intel processor chipsets manufactured starting in 2008. Intel ME provides an interface between the operating system, hardware, and BIOS. Additionally, Intel ME is granted extensive system-level privilege and runs in every power state. The Dell Trusted Device (DTD) scans and verifies that Intel ME firmware is present and untampered.

Secured Component Verification (On Cloud) is a supply-chain assurance offering that enables you to verify the integrity of the components inside your Dell computer.

Security Risk Protection Score enables administrators to determine the security risk level of computers in their enterprise. Dell Trusted Device (DTD) scans for security solutions and assigns a score per overall risk assessment.

• BIOS Verification
• BIOS Events & Indicators of Attack
• Image Capture
• Security Risk Protection Score

In version 7.2, the DTD feature is enhanced to support BIOS firmware integrity verification using quantum‑resistant hash functions. This update improves protection against advanced threats by detecting tampering of BIOS images, including attacks that use quantum‑enabled hash‑collision techniques. If any unauthorized modification is detected, the BIOS verification process fails.