It looks as though Apple made quite the purchase back in November 2015, acquiring firmware security firm LegbaCore. Security researcher Trammell Hudson revealed as much in a presentation at the 32C3 conference in December, while founder Xeno Kovak teased such a transition on Twitter. LegbaCore is the company that collaborated with Hudson tackle Thunderstrike 2, the first known infection to affect firmware loaded on Macs.
What did Apple hire us to do? We can't say. :) Well, we can probably say something like "low level security" (I don't know our job titles)— Xeno Kovah (@XenoKovah) November 10, 2015
It's reported that after LegbaCore alerted Apple of Thunderstrike 2, the two companies began to engage in talks, eventually seeing the security firm gradually clear out existing contracts to work solely with Apple. It's not known exactly what LegbaCore will be doing at Apple, but we'd hazard a guess it would involve firmware security, as well as checking for vulnerabilities.