Menu
Become a Client
Krista Case

HP: Elevating Security with a Multi-Layered Approach for the Modern Era

HP: Elevating Security with a Multi-Layered Approach for the Modern Era

Analyst(s): Krista Case
Publication Date: December 27, 2024

HP recently hosted security industry analysts to showcase its latest security innovations. The summit highlighted HP’s commitment to a multi-layered security approach, emphasizing hardware-level protection, AI-driven threat detection, and the need to protect the ecosystem of IoT devices, including printers. Key topics of discussion include new firmware security features designed to thwart advanced attacks and a continued focus on addressing the evolving threat landscape.

What is Covered in this Article:

  • HP’s most recent innovations in security, including firmware locking, the ability to create digital Platform Certificates, and the ability to run third-party firmware in an isolated VM.
  • The company’s go-forward strategy for blending hardware and software innovation, threat research, and AI to address evolving and critical threat vectors.
  • A look ahead into how HP will more closely blend its PC and printer and collaboration messaging and strategies, and how it will address the spectrum of security threats resulting from AI and quantum computing.

The News: HP hosted security industry analysts in New York City from Dec. 9-11, 2024. This summit included deep-dive discussions into HP’s PC, printer, and endpoint management-related security capabilities, portfolio roadmap, and go-to-market strategy.

HP: Elevating Security with a Multi-Layered Approach for the Modern Era

Analyst Take: Security is long ingrained in HP’s history, dating back over two decades. Through significant investments in research and development, strategic acquisitions such as Bromium, and collaborative efforts with industry partners and standards organizations such as NIST and ISO, security is clearly established as an important and integral component of HP’s DNA.

At its Security Industry Analyst Summit 2024, HP executives tied the company’s most recent innovations to evolving threat tactics, including physical attacks on hardware and firmware, and the opportunities that exist to tamper with components throughout the device’s lifecycle. Specifically, in November, HP added three new capabilities that address these threats:

  • First is the ability to execute a user-controlled firmware lock that can only be unlocked by using cryptographic password-less authentication via HP’s Sure Admin capability. This is important because tampering with the firmware could potentially allow a malicious actor to execute a system boot or to start the operating system (OS), even if the OS is locked.
  • Second is the ability to create digital Platform Certificates, validating that hardware and firmware components such as the BIOS/firmware, memory, PCIe devices, or processor have not been modified since manufacturing.
  • Third is the ability to run third-party firmware inside a micro-virtual machine via HP’s Sure Start Virtualization Protection. By isolating third-party firmware, this capability prevents it from being able to potentially infect the device’s hardware or its other firmware.

As highlighted by Vali Ali, HP Fellow and Chief Technologist, Security & Privacy for Business Personal Systems, these capabilities move the needle in HP’s ability to address threats resulting from PCs being left unattended – such as plugging in malicious Thunderbolt, USB C, or PCIe devices, which can occur “as quickly as a coffee break” – and in addressing safety across the PC lifecycle – beyond its manufacturing, spanning its transportation to the warehouse, to the end customer, while it is in use, and during the end-of-life/reuse process. It is notable that this also includes inhibiting access to sensitive data in the event that a device is misplaced.

These announcements, and HP’s strategy of addressing both “Below the OS” (that is, physical and software-based attacks targeting firmware and hardware) and “Above the OS” (that is, software-based attacks targeting users and data) reflect HP’s strong understanding of where it has the impetus to add valuable, important security functionalities where they are needed. That is, it keeps a close pulse on where it can augment developments from key partners such as Microsoft in a way that bolsters and adds more comprehensive security capabilities.

HP Elevating Security with a Multi-Layered Approach for the Modern Era 1

HP Elevating Security with a Multi-Layered Approach for the Modern Era

From a portfolio perspective, the foundation of HP’s security capabilities is hardware-engrained, with the key example being the security chip that it embeds into the motherboard of its PCs to power capabilities that are foundational to its ability to prevent malware attacks, unauthorized access, and data breaches – including encryption, key storage, and HP Sure Start, which ensures that the device boots with a trusted firmware. As exemplified by the latter example, HP is complementing these hardware- and platform-level capabilities with value-added software and services.

This approach creates additional recurring revenue streams for HP and its channel and service provider partners (The Futurum Group notes that more than 75% of HP’s revenue is indirect); it also enhances the differentiation of HP devices and creates stickiness for the seller and the HP brand. This is especially true when services including HP Wolf Connect, which allows for remote management of the entire PC fleet, and HP Protect & Trace, a cloud-based solution that allows admins to find, lock, and wipe a PC remotely, are layered in. Notably, while HP Protect & Trace performs more resiliently when paired with Wolf Connect hardware on an HP device, it can also work over Wi-Fi on HP devices without Wolf Connect or any non-HP device.

What to Watch:

  • HP remains committed to weaving a stronger story across its PC and Printer businesses. As pointed out by executives such as Steve Inch, Sr. Principal Security Strategist and Product Manager for HP Print, and Hemanta Swain, VP of Product and Infrastructure Security for HP Print, printers are themselves computers on the network, like PCs existing within a digital ecosystem. And security of IoT devices such as printers matters because these devices are easily targeted network points of entry by attackers due to inherent issues such as usage of default passwords, device misconfigurations, and unpatched software and firmware vulnerabilities. In addition to crafting more overarching and cohesive messaging, Futurum sees opportunities to elevate these issues in market and customer awareness through its Professional Security Advisory and assessment team, which expanded to incorporate network assessment, evaluation, monitoring, and management of clients’ print and personal systems deployments for both HP and non-HP products.
  • When asked about the challenges of keeping pace with threat actors’ evolving tactics, Boris Balacheff, HP Fellow and Chief Technologist for Security Research and Innovation, noted that HP is focused on continuing to make it as difficult as possible for attackers – in a sense setting the bar and dictating where attackers are going to have to spend their time. This is where HP’s ability to strategically close security gaps as they emerge and evolve within the PC and printer ecosystems will be critical. It is also where its growing threat detection capabilities, its integration with solutions such as EDR, MDM, and SIEM systems, and its threat and adversarial research will come into play more prominently.
  • The evolving approach to, and usage of, AI is important to watch over the next 12-18 months. This includes how HP is using capabilities such as AI-driven threat detection to defend against AI-fueled attacks, as well as how it is addressing the security of AI models throughout the life cycle including all the way to local inferencing on new AI PCs.
  • Also top of mind over the next 12-18 months is HP’s focus on facilitating quantum-resistant cryptography and safe end-user computing in the impending post-quantum world. This includes utilizing the company’s emphasis on firmware security, notably by adapting its embedded endpoint security controller to incorporate quantum-resistant cryptography and participating in related industry collaborations and research initiatives related to post-quantum cryptography.

Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.

Other Insights from The Futurum Group:

Secure Your Devices: HP Wolf Security Suite

HP’s Q4 FY24 Earnings: A Resilient Finish to a Challenging Year

HP’s New OmniBook Ultra 14-inch Next Gen AI PC Promises a Whopping 55 TOPS on the NPU

Author Information

Krista Case

Krista Case brings over 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.

Related Insights
ASUSTeK Q4 FY 2025 Results Highlight Server Mix Shift and AI-Led Portfolio Expansion
March 17, 2026
 

ASUSTeK Q4 FY 2025 Results Highlight Server Mix Shift and AI-Led Portfolio Expansion

Olivier Blanchard, Research Director, Intelligent Devices at Futurum, reviews ASUSTeK’s Q4 2025 earnings, focusing on AI server momentum, portfolio shifts across PCs, and 2026 guidance implies for execution in a...
Olivier Blanchard
NVIDIA Agent Toolkit
March 16, 2026
 

At GTC 2026, NVIDIA Stakes Its Claim on Autonomous Agent Infrastructure

Nick Patience and Mitch Ashley, analysts at Futurum, examine NVIDIA's Agent Toolkit announcements at GTC 2026, covering NemoClaw, AI-Q, the Nemotron Coalition, and what they mean for enterprise agentic AI...
Mitch Ashley
 & 
Could The Qualcomm-Neura Collaboration Accelerate Standardization and Codevelopment in Robotics
March 16, 2026
 

Could The Qualcomm-Neura Collaboration Accelerate Standardization and Codevelopment in Robotics?

Olivier Blanchard, Research Director & Practice Lead, Intelligent Devices at Futurum, examines Qualcomm and NEURA’s collaboration to build physical AI reference architectures for cognitive robotics, focusing on standardization....
Olivier Blanchard
Fortinet’s FortiOS 8.0 Pushes Secure Networking Toward AI Governance
March 16, 2026
 

Fortinet’s FortiOS 8.0 Pushes Secure Networking Toward AI Governance

Fernando Montenegro, VP and Practice Lead, Cybersecurity at Futurum, examines Fortinet’s FortiOS 8.0 adds AI governance, flexible SASE options, and quantum-safe protections to secure networking across hybrid environments....
Fernando Montenegro
Cohesity’s DSPM Bet Blurs the Line Between Visibility and Recovery
March 16, 2026
 

Cohesity’s DSPM Bet Blurs the Line Between Visibility and Recovery

Fernando Montenegro, VP and Practice Lead, Cybersecurity Futurum Research at The Futurum Group, examines Cohesity DSPM, powered by Cyera, ties sensitive data discovery and classification to protection and recovery readiness...
Fernando Montenegro
Adobe Q1 FY 2026 Earnings Show AI Monetization Progress Amid CEO Transition
March 16, 2026
 

Adobe Q1 FY 2026 Earnings Show AI Monetization Progress Amid CEO Transition

Futurum Research analyzes Adobe’s Q1 FY 2026 earnings, focusing on AI usage-to-monetization signals, freemium-to-paid conversion dynamics, and enterprise CX momentum amid a CEO transition....
Futurum Research

Welcome to The Futurum Group

Login to The Futurum Group
Login to Futurum Intelligence Platform
Login to Futurum Labs Research Library

Book a Demo

Newsletter Sign-up Form

Get important insights straight to your inbox, receive first looks at eBooks, exclusive event invitations, custom content, and more. We promise not to spam you or sell your name to anyone. You can always unsubscribe at any time.

All fields are required






Thank you, we received your request, a member of our team will be in contact with you.