Microsoft Buys ReFirm Labs to Drive IoT Security Efforts

  /     /     /  
Publicated : 23/11/2024   Category : security


Microsoft Buys ReFirm Labs to Drive IoT Security Efforts


The acquisition will bring ReFirms firmware analysis capabilities alongside Microsofts Azure Defender for IoT to boost device security.



Microsoft has confirmed its acquisition of ReFirm Labs as part of a broader effort to improve the security of Internet of Things devices. Terms of the deal were not disclosed.
ReFirms team are the developers behind Binwalk Open Source, a tool designed for detecting and extracting files and code inside firmware images. Binwalk was launched in 2010; since then, its tech has evolved into a lineup of products that find and report known flaws, potential zero-days, cryptography keys, backdoor passwords, and other issues in IoT devices. ReFirm Labs was founded in 2017 with this broader collection of enterprise vulnerability management tools.
Its technology plays an important role in the IoT security space, explains David Weston, director of enterprise and operating system security at Microsoft, which is bridging the gap that we have today between IT and OT … and that is making sure you can do basic things like vulnerability assessments and identifying missing patches and security issues on IoT devices.
There is a demand for capabilities that make it easier to assess and maintain the security of connected devices, from smart lightbulbs to OT tools, Weston says. ReFirm Labs tech meets this need without demanding security teams have expertise in reverse engineering firmware.
What ReFirm Labs brings to Azure Defender for IoT and other security products is essentially drag-and-drop security analysis, he continues. Users can take the firmware and drag it onto the ReFirm product, which decompresses it and uses its firmware extraction technology to assess each file in the firmware package and look for known vulnerabilities, predictable passwords, and loose secrets, such as private keys, then produce a report and database entry based on its findings.
This scan will ultimately determine if a device can be safely connected to the Internet or to a corporate network, Weston says, noting this is a security gap for many businesses. A recent study commissioned by Microsoft found 83% of surveyed businesses had experienced a firmware security incident but only 29% are allocating resources to protecting firmware.
A key challenge in firmware security lies in the supply chain. Device builders typically use third-party software and parts in their products but dont have the tools or resources to analyze components before using them. As a result, their devices may ship with security flaws.
ReFirms technology is intended to build on Microsofts current security capabilities in Azure Defender for IoT. Manufacturers will be able to upload firmware to Azure Defender for IoT for a security assessment and address vulnerabilities before shipping devices. On the business side, those using connected devices can learn which flaws require remediation and apply the needed patches via Azure Device Update, Weston explains in a
blog post
on the acquisition.
Firmware security, while currently an acute problem in the IoT space, is a problem across devices, and Microsoft plans to extend ReFirms detection capabilities beyond the Internet of Things.
The vision for ReFirm integration longer term is to start with IoT but extend it out into other products, like Microsoft Defender ATP, and allow you to get visibility across all these unique operating systems and pieces of firmware that compose a modern computer, Weston says.
It has been nearly a year since Microsoft
acquired
IoT/OT security firm CyberX as part of its strategy to expand Azure IoT cloud-based security monitoring into industrial network devices. CyberXs technology and Azure Defender for IoT will monitor for and detect attacks; ReFirms function is to determine whether a device is secure and whether it needs to be updated.
ReFirms team will join Microsoft as part of the acquisition, bringing its expertise, along with the Centrifuge firmware platform, to improve the ability to analyze and protect firmware.

Last News

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Microsoft Buys ReFirm Labs to Drive IoT Security Efforts