Microsoft has released Microsoft Defender for IoT, its agentless, monitoring security software for securing Internet of Things devices connected to enterprise networks such as printers, smart TVs and voice over internet protocol (VoIP), excepting PC and smartphones.

Enhancing XDR Coverage

A dedicated integration with Microsoft 365 Defender allows Defender for Endpoint customers to extend their extended detection and response (XDR) coverage to include IoT devices. Microsoft previewed Defender for IoT in late 2021. It was previously known as Azure Defender for IoT, which launched in public preview in 2020.

It also fits together with Microsoft Sentinel, its managed, cloud-based Security Information and Event Management (SIEM) solution, popular among managed security service providers.

IoT devices are far more plentiful on the enterprise network than are laptops and mobile phones but often lack the necessary safeguards to ensure their safety. For that reason they pose an enticing target for hackers to use as either a point of entry, for lateral movement or to evade security mechanisms.

Advantage for IoT devices

Michal Braverman-Blumenstyk, corporate vice president, chief technology officer, Cloud and AI Security at Microsoft, and Nir Giller, principal group manager, IoT Security at Microsoft, in a blog post, explained the advantages of Microsoft Defender for IoT:

“The new capabilities allow organizations to get the visibility and insights they need to address complex multi-stage attacks that specifically take advantage of IoT and OT devices to achieve their goals. Customers will now be able to get the same types of vulnerability management, threat detection, response, and other capabilities for enterprise IoT devices that were previously only available for managed endpoints and OT devices.”