Posted by: kurtsh | April 23, 2021

RELEASE: Azure Defender IoT – with CyberX technology

Incorporating IoT/OT-aware behavioral analytics and threat intelligence from our recent acquisition of CyberX, Azure Defender for IoT is an agentless, network-layer monitoring solution that can be rapidly deployed fully on-premises or in Azure-connected environments. It supports diverse industrial protocols and equipment, is deeply integrated with Azure Sentinel, and integrates out-of-the-box with third-party tools (Splunk, IBM QRadar, ServiceNow, etc.).

The new product helps reduce risk in Operational Technology (OT) and industrial control system (ICS) environments, including protecting against modern attacks that can lead to costly production downtime, theft of sensitive IP such as proprietary formulas or designs, and safety incidents. Azure Defender for IoT provides continuous visibility into your IoT/OT risk including addressing critical challenges such as:

  • IoT/OT asset discovery: What devices do we have and how are they communicating — so we can easily implement zero-trust policies for IoT/OT?
  • Vulnerability management: What are the risks to our crown jewel IoT/OT assets — and how do we prioritize mitigation?
  • Continuous threat detection & IR: Do we have any IoT/OT threats in our network now — and how do we quickly respond?
  • Operational efficiency: How do we identify and rapidly eliminate inefficiencies from misconfigured industrial equipment?
  • Unified IT/OT security & governance: How do we remove silos between IT and OT? How do we leverage existing SOC workflows and tools to identify multistage attacks that cross IT/OT boundaries — and demonstrate to auditors that we have unified governance across IT and OT?

Why is Microsoft investing here?
Digital transformation and Industry 4.0 have significantly expanded IT/OT connectivity and the attack surface. Unlike desktops and servers, most of these IoT/OT devices don’t support agents and are currently unmanaged and invisible to IT teams. Without visibility, it’s impossible to detect if your IoT/OT infrastructure has been compromised. Further increasing risk, many of these devices weren’t designed with security in mind, lacking modern controls such as strong credentials and automated patching.

Microsoft wants to help you reduce risk with simple, modern, and intelligent solutions that address your entire digital estate, including IoT/OT.

For more technical details, you can read:

Or watch this:

