Disclosed are various examples for verification and management of firmware for client devices enrolled with a management service of an enterprise. The firmware verification includes a verification process using multiple checkpoints for determining whether status responses associated with firmware installed on and received from a managed client device can be trusted. The multiple checkpoints can include verifying certificate data, signature data, and an exit code included in status responses received from managed devices. In the event that one of the verification steps fails, the device can be considered compromised and subject to various compliance actions. The compliance actions can include limiting access to enterprise data, limiting access to one or more applications, wiping a device clean to reset the devices to the original factory settings, sending a notification to an enterprise administrator providing an indication of the detected compromise, and other types of compliance actions.