Content, XDR

Microsoft Defender for IoT Covers Security for Unmanaged Devices on the Enterprise Network

NEW YORK, NY – MAY 2: The Microsoft logo is illuminated on a wall during a Microsoft launch event to introduce the new Microsoft Surface laptop and Windows 10 S operating system, May 2, 2017 in New York City. The Windows 10 S operating system is geared toward the education market and is Microsoft’s answer to Google’s Chrome OS. (P...

Microsoft has released Microsoft Defender for IoT, its agentless, monitoring security software for securing Internet of Things devices connected to enterprise networks such as printers, smart TVs and voice over internet protocol (VoIP), excepting PC and smartphones.

Enhancing XDR Coverage

A dedicated integration with Microsoft 365 Defender allows Defender for Endpoint customers to extend their extended detection and response (XDR) coverage to include IoT devices. Microsoft previewed Defender for IoT in late 2021. It was previously known as Azure Defender for IoT, which launched in public preview in 2020.

It also fits together with Microsoft Sentinel, its managed, cloud-based Security Information and Event Management (SIEM) solution, popular among managed security service providers.

IoT devices are far more plentiful on the enterprise network than are laptops and mobile phones but often lack the necessary safeguards to ensure their safety. For that reason they pose an enticing target for hackers to use as either a point of entry, for lateral movement or to evade security mechanisms.

Advantage for IoT devices

Michal Braverman-Blumenstyk, corporate vice president, chief technology officer, Cloud and AI Security at Microsoft, and Nir Giller, principal group manager, IoT Security at Microsoft, in a blog post, explained the advantages of Microsoft Defender for IoT:

“The new capabilities allow organizations to get the visibility and insights they need to address complex multi-stage attacks that specifically take advantage of IoT and OT devices to achieve their goals. Customers will now be able to get the same types of vulnerability management, threat detection, response, and other capabilities for enterprise IoT devices that were previously only available for managed endpoints and OT devices.”

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.