Microsoft is releasing the new Firmware Analysis feature for Defender for IoT. Soon, the software will be able to read Linux devices in your enterprise environment for vulnerabilities.
Firmware Analysis for Defender for IoT scans Linux devices for different types of vulnerabilities, ranging from detecting outdated open source software to detecting devices running on vulnerable software.
According to Derick Naef, Principal Product Manager at Microsoft, protecting IoT and OT devices is a major challenge for businesses. Especially when compared to securing IT devices where modern endpoint solutions take all the worry out: “The devices are basically black boxes.”
Firmware Analysis is currently available in public preview. Users can test out the capabilities by scrolling to the Firmware Analysis (preview) tab. After uploading a firmware image of the Linux device, the feature searches for hidden vulnerabilities.
Checking certificates and looking for vulnerabilities
One option causes Defender to scan for weaknesses from the list of Common Vulnerabilities and Exposures (CVEs), which lists all known vulnerabilities in software. It is also possible to analyze SSL certificates, to detect expired certificates.
In general, Naef describes the new feature as follows: “This analysis provides insight into the software inventory, vulnerabilities and certificates of IoT devices without the need to deploy an endpoint agent.”