Hardware hardened advanced threat protection

US10019577B2 · US · B2

Patent metadata

Publication number: US-10019577-B2
Application number: US-201615098930-A
Country: US
Kind code: B2
Filing date: Apr 14, 2016
Priority date: Apr 14, 2016
Publication date: Jul 10, 2018
Grant date: Jul 10, 2018

Abstract

Official abstract text for this publication.

Systems and methods for hardware hardened advanced threat protection are described. In some embodiments, an Information Handling System (IHS) may include a processor; and a Basic Input/Output System (BIOS) coupled to the processor, the BIOS having BIOS instructions stored thereon that, upon execution, cause the IHS to: launch an Extensible Firmware Interface (EFI) gateway module; and determine, using the EFI gateway module, whether the BIOS instructions include malware.

First claim

The invention claimed is:

1. An Information Handling System (IHS), comprising: a processor; a Basic Input/Output System (BIOS) coupled to the processor, the BIOS having BIOS instructions stored thereon that, upon execution, cause the IHS to: launch an Extensible Firmware Interface (EFI) gateway module; and determine, using the EFI gateway module, whether the BIOS instructions include malware, by applying a behavior-based threat model to a behavior of the IHS during a booting of the IHS, wherein the determination is based upon a memory utilization during the booting being: (a) below a first predetermined threshold or above a second predetermined threshold during a first time interval, and (b) below a third predetermined threshold or above a fourth predetermined threshold during a second time interval; an embedded controller coupled to the processor; and an off-host authentication processing system coupled to the embedded controller, wherein the off-host authentication processing system provides a hardware environment segregated from the processor, wherein the off-host authentication processing system has an off-host processor and an off-host memory coupled to the off-host processor, and wherein the behavior-based threat model is stored in the off-host memory, wherein the behavior-based threat model is retrieved by the EFI gateway module through the embedded controller upon presentation of a key by the embedded controller to the off-host processor.

2. The IHS of claim 1, wherein the launch of the EFI gateway module occurs immediately after a Power-On Self-Test (POST).

3. The IHS of claim 1, wherein the determination is performed in response to another determination that a change has taken place in the BIOS instructions since a last boot.

4. The IHS of claim 1, wherein the key is derived by the embedded controller upon request by the EFI gateway module based upon a voltage within the processor, a temperature of the processor, and a serial number of the processor.

5. The IHS of claim 1, wherein the determination is performed by the processor.

6. The IHS of claim 1, wherein the determination is performed by the embedded controller.

7. The IHS of claim 1, wherein the determination is performed by the off-host processor.

8. A Basic I/O System (BIOS) having instructions stored thereon that, upon execution by a processor of an Information Handling System (IHS), cause the IHS to: launch an Extensible Firmware Interface (EFI) gateway module; and determine, using the EFI gateway module, whether the BIOS instructions include malware, by applying a behavior-based threat model to a behavior of the IHS during a booting of the IHS, wherein the determination is based upon a memory utilization during the booting being: (a) below a first predetermined threshold or above a second predetermined threshold during a first time interval, and (b) below a third predetermined threshold or above a fourth predetermined threshold during a second time interval, wherein the behavior-based threat model is stored in an off-host memory of off-host authentication processing system that provides a hardware environment segregated from the processor, and wherein the behavior-based threat model is retrieved by the EFI gateway module through an embedded controller upon presentation of a key by the embedded controller to the off-host processing system.

9. The BIOS of claim 8, wherein the launch of the EFI gateway module occurs immediately after a Power-On Self-Test (POST).

10. The BIOS of claim 8, wherein the determination is performed in response to another determination that a change has taken place in the BIOS instructions since a last boot.

11. The BIOS of claim 8, wherein the key is derived by the embedded controller upon request by the EFI gateway module based upon a voltage within the processor, a temperature of the processor, and a serial number of the processor.

12. The BIOS of claim 8, wherein the determination is performed by the processor.

13. The BIOS of claim 8, wherein the determination is performed by the embedded controller.

14. The BIOS of claim 8, wherein the determination is performed by the off-host processor.

15. A method, comprising: launching an Extensible Firmware Interface (EFI) gateway module; and determining, using the EFI gateway module, whether BIOS instructions include malware, by applying a behavior-based threat model to a behavior of an Information Handling System (IHS) during a booting of the IHS, wherein the determination is based upon a memory utilization during the booting being: (a) below a first predetermined threshold or above a second predetermined threshold during a first time interval, and (b) below a third predetermined threshold or above a fourth predetermined threshold during a second time interval, wherein the behavior-based threat model is stored in an off-host memory of off-host authentication processing system that provides a hardware environment segregated from a processor of the IHS, and wherein the behavior-based threat model is retrieved by the EFI gateway module through an embedded controller of the IHS upon presentation of a key by the embedded controller to the off-host processing system.

16. The method of claim 15, wherein the launch of the EFI gateway module occurs immediately after a Power-On Self-Test (POST).

17. The method of claim 15, wherein the determination is performed in response to another determination that a change has taken place in the BIOS instructions since a last boot.

18. The method of claim 15, wherein the key is derived by the embedded controller upon request by the EFI gateway module based upon a voltage within the processor, a temperature of the processor, and a serial number of the processor.

19. The method of claim 15, wherein the determination is performed by the embedded controller.

20. The method of claim 15, wherein the determination is performed by the off-host processor.
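
The determination recited in claims 1, 8 and 15 reduces to a two-interval band check over boot-time memory utilization. The C code below is an added example, not code from the patent or its assignee; the sample layout, units, threshold values and the reading that any single sample in an interval can trip that interval are assumptions.

```c
#include <stddef.h>
#include <stdio.h>

#define COUNT(a) (sizeof(a) / sizeof((a)[0]))

/* One boot-time reading (assumed layout: ms since POST, KiB in use). */
struct sample { unsigned t_ms, mem_kib; };
/* One interval of the model: utilization is expected within [low, high]. */
struct band { unsigned start_ms, end_ms, low_kib, high_kib; };

/* 1 if any sample inside the interval is below low or above high. */
static int out_of_band(const struct band *b, const struct sample *s, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (s[i].t_ms < b->start_ms || s[i].t_ms >= b->end_ms)
            continue;                   /* sample belongs to another interval */
        if (s[i].mem_kib < b->low_kib || s[i].mem_kib > b->high_kib)
            return 1;
    }
    return 0;
}

/* Claimed condition: (a) first interval AND (b) second interval both deviate. */
int boot_flagged(const struct band model[2], const struct sample *s, size_t n)
{
    return out_of_band(&model[0], s, n) && out_of_band(&model[1], s, n);
}

/* Constructed model and boot traces; every value here is illustrative. */
static const struct band MODEL[2] = {
    {   0,  500,  2048,  8192 },   /* first interval: thresholds 1 and 2 */
    { 500, 2000, 16384, 65536 },   /* second interval: thresholds 3 and 4 */
};
static const struct sample CLEAN[]     = {{100, 4096}, {400,  6000}, {800, 30000}, {1500, 40000}};
static const struct sample TAMPERED[]  = {{100, 4096}, {400, 12000}, {800, 30000}, {1500, 90000}};
static const struct sample ONE_SIDED[] = {{100, 1024}, {400,  6000}, {800, 30000}, {1500, 40000}};

int main(void)
{
    printf("clean=%d tampered=%d one_sided=%d\n",
           boot_flagged(MODEL, CLEAN, COUNT(CLEAN)),
           boot_flagged(MODEL, TAMPERED, COUNT(TAMPERED)),
           boot_flagged(MODEL, ONE_SIDED, COUNT(ONE_SIDED)));
    return 0;
}
```

The ONE_SIDED trace deviates only in the first interval, so the conjunction of (a) and (b) leaves it unflagged.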

Classifications

  • Test or assess software

  • G06F21/566 (Primary): Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities

  • Secure boot

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10019577B2 cover?
Systems and methods for hardware hardened advanced threat protection are described. In some embodiments, an Information Handling System (IHS) may include a processor; and a Basic Input/Output System (BIOS) coupled to the processor, the BIOS having BIOS instructions stored thereon that, upon execution, cause the IHS to: launch an Extensible Firmware Interface (EFI) gateway module; and determine,…
Who is the assignee on this patent?
Dell Products Lp
What technology area does this patent fall under?
Primary CPC classification G06F21/566. Mapped technology areas include Physics.
When was this patent published?
Publication date Jul 10, 2018 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).