IoT and OT devices are increasingly becoming a major attack vector for organizations of all sizes. While the impact of these attacks can paralyze entire industries and countries, defending against them has traditionally involved disparate tools that often suffered from poor integration and were disconnected from the overall security program. And while IT and OT environments have historically been disconnected, securing them effectively requires a unified approach.
Today, we are excited to announce the public preview of our Defender for IoT solution for Microsoft Sentinel. With this solution, Microsoft Sentinel delivers the industry's first native SOC experience for IT and OT environments. Available at the click of a button, the native OT security capabilities of Defender for IoT allow organizations to discover security issues in OT before they attract any threat actors, and to detect threat activity that uses operational technologies to enter an environment, move laterally, or cause physical damage and disruption to operations. The integration equips security teams with expanded visibility and control across all their OT assets, from asset discovery to vulnerability management to incident response.
Within the same workflows, analysts can now track and update their entire inventory of OT devices, monitor these devices for potential security issues and vulnerabilities, and respond to incidents, not just within the context of OT, but with the benefit of visibility across the entire security program. All OT-related alerts, compromised assets, network connections, events, and PCAP access are now part of the analyst workflows, providing customers with complete control across all devices and assets.
Read the announcement blog in the Microsoft Defender for IoT tech community to learn about the main capabilities of the Defender for IoT solution for Microsoft Sentinel: