So the move is meant to fill a gap in the security layer of many large businesses in various industry domains, whose infrastructure includes smart devices, and who are also threatened by cyber-attacks.
As the release note points out:
Many IoT and OT devices do not support the installation of agents and are currently unmanaged and therefore invisible to IT and security teams. Without this visibility, it is extremely challenging to detect if your IoT and OT infrastructure has been compromised.
Moreover, traditional security software can’t be deployed for such infrastructures, leaving them even more vulnerable.
How to secure IoT/OT devices with Azure Defender
The now generally available Azure Defender for IoT uses CyberX-based agentless behavioral analytics and threat intelligence to detect possible threats.
Much like regular antivirus solutions, this is what Azure Defender for IoT can do for your network:
- Detect threats by analyzing the specialized protocols, devices, and machine-to-machine behaviors found only in IoT/OT environments
- Make a complete inventory of all IoT/OT assets
- Analyze diverse industrial protocols to identify device details including manufacturer, type, serial number, firmware level, and IP or Media Access Control (MAC) address
- Quickly identify the root cause of operational issues such as misconfigured devices
- Identify network vulnerabilities (unpatched devices, open ports, unauthorized applications, and unauthorized connections)
- Detect changes to device configurations, programmable logic controller (PLC) code, and firmware
- Prioritize fixes based on IoT protocols
- Catch zero-day malware and similar exploit attempts
Azure Defender for IoT
Complete security solution for IoT and OT environments, with flexible deployment options and powerful threat-detection capabilities.
A great advantage of Azure Defender for IoT is that it uses a flexible deployment model including in environments protected with the Azure Sphere or Azure Sentinel technologies, with no changes over the existing infrastructure.
Moreover, network admins can modify the source code to further customize the agent to the organization’s needs. The tool’s impact is minimal, with no OS kernel dependencies.
Note that Azure Defender for IoT differs from the regular Azure Defender product, which is designed for general cloud environments.
Microsoft offers plenty of documentation for enterprises to get started with Azure Defender deployment and further stay informed with the latest updates.
This post was written by Sinziana Mihalache and was first posted to WindowsReport
Do you find this article helpful? Your Friend might too. So, please Share it with them using the Share button above.
Will you like to get notified when I post new updates? Then Follow me on any of my social media handles: Google News, Telegram, WhatsApp, Twitter, Facebook, Pinterest.
You can also drop your email address below if you wish to be notified by mail.