Microsoft is launching the general availability of the Microsoft Defender for IoT cloud-managed platform, designed to let businesses connect their operational technology (OT) environment without compromising their security.
According to the Redmond, Wash. tech giant, Defender for IoT helps organizations manage assets, track emerging threats and control risks across enterprise and mission-critical networks in both connected and air-gapped environments.
In a blog, Microsoft says cloud-powered IoT and OT security solutions offer advantages over traditional solutions, including discovery of assets end-to-end, detecting and responding to threats in real-time, defending against known and unknown threats, compliance reports, and workflows and integrations that leverage the cloud.
The solution also helps organizations solve OT security issues faster by unifying the security operations center (SOC) for both IT and OT assets, the company says.
“With Microsoft Defender for IoT, you can achieve faster time-to-value, improve agility and scalability, increase visibility, and strengthen the resiliency of your network and infrastructure without making significant changes,” Microsoft IoT and OT security experts write in a blog. “The Defender for IoT cloud is designed to augment your on-premises processing power while providing a source of centralized management for global security teams—raising the bar for OT defense.”
The company gives one scenario showing how Defender for IoT works: a new vulnerability is published with information that could impact an organization’s OT devices, and threat actors are currently trying to exploit the bug.
“With Microsoft Threat Intelligence, the new CVE is ingested automatically and shared across our cloud-based security services, including Defender for IoT,” the company says.
Organizations can use the Microsoft Azure Portal to monitor for the new vulnerability across all devices and sites, resulting in a faster response time to secure IoT and OT environments.
Other scenarios where security professionals can benefit from Defender for IoT include OT security and compliance audits, attack surface reduction consulting and tabletop exercises, the company says.
The Defender for IoT solution also includes a new device inventory feature that allows SOCs to manage OT devices through the Microsoft Azure Portal. The feature supports unlimited data sources, including manufacturer, type, serial number, firmware, and more, helping organizations gain a complete picture of their IoT and OT assets to address any vulnerabilities.
In addition, Defender for IoT integrates with Microsoft Sentinel to provide security information and event management for both OT and IT environments, and the solution also shares threat data with Microsoft 365 Defender, Microsoft Defender for Cloud and other products like Splunk, IBM QRadar and ServiceNow, Microsoft says.