Microsoft Defender for IoT expands with firmware analysis functionality

Microsoft expands Microsoft Defender for IoT to include firmware analysis. This feature helps detect security risks. This is of great importance to the IoT sector. The reason? Organizations often need to manage a large number of devices. Securing these is now made easier by Microsoft.

In a blog post, Microsoft announces the new features. Microsoft’s Derick Naef explains: “With modern endpoint solutions, IT and security analysts have visibility into the software and known vulnerabilities of IT devices. But it’s different for IoT and OT devices without an agent. They do not have the same visibility on the growing number of devices on their network. These devices are essentially black boxes. Without visibility into software, patch levels and known vulnerabilities. To solve this problem, we are introducing firmware analysis in Microsoft Defender for IoT. Now available as a Public Preview.”

How does the new feature work?

Firmware analysis examines a binary firmware image on an IoT device. It does an automated analysis to detect potential security risks and weaknesses. This analysis provides insight into the software, weaknesses and certificates of IoT devices without the need to deploy an endpoint agent. You use firmware analysis by going to “Firmware analysis (preview)” in Defender for IoT and uploading an unencrypted Linux-based firmware image there. You get this picture from the device vendor. Once the image is extracted and the embedded file system is identified, security analysis of the firmware image can find hidden threat vectors.

This new feature is a welcome addition. It helps organizations better secure their IoT devices.

To learn more about firmware analysis, click here.