- Microsoft announced Azure Defender for IoT hitting general availability for IoT and OT devices.
- This is a major step forward in the IoT security segment since such networks are largely exposed.
- Azure Defender for IoT is designed to detect and reduce IoT security risks, similar to traditional antivirus solutions.
- But it can be deployed only in IoT/OT environments and differs from the regular Azure Defender tool.
Microsoft announced the general availability for Azure Defender for IoT, a built-in dedicated security solution specifically for Internet of Things (IoT) and operational technology (OT) devices.
IoT security risks are on the increase among all organizations that employ smart technologies in their infrastructure. Yet, IoT security solutions are harder to find.Ad
So the move is meant to fill a gap in the security layer of many large businesses in various industry domains, whose infrastructure includes smart devices, and who are also threatened by cyber-attacks.
As the release note points out:
Many IoT and OT devices do not support the installation of agents and are currently unmanaged and therefore invisible to IT and security teams. Without this visibility, it is extremely challenging to detect if your IoT and OT infrastructure has been compromised.
Moreover, traditional security software can’t be deployed for such infrastructures, leaving them even more vulnerable.
How to secure IoT/OT devices with Azure Defender
The now generally available Azure Defender for IoT uses CyberX-based agentless behavioral analytics and threat intelligence to detect possible threats.
Much like regular antivirus solutions, this is what Azure Defender for IoT can do for your network:
- Detect threats by analyzing the specialized protocols, devices, and machine-to-machine behaviors found only in IoT/OT environments
- Make a complete inventory of all IoT/OT assets
- Analyze diverse industrial protocols to identify device details including manufacturer, type, serial number, firmware level, and IP or Media Access Control (MAC) address
- Quickly identify the root cause of operational issues such as misconfigured devices
- Identify network vulnerabilities (unpatched devices, open ports, unauthorized applications, and unauthorized connections)
- Detect changes to device configurations, programmable logic controller (PLC) code, and firmware
- Prioritize fixes based on IoT protocols
- Catch zero-day malware and similar exploit attempts