Firmware Analysis now Generally Available
Back in June, we announced the public preview of firmware analysis, a new capability available through Azure Arc to help organizations gain visibility into the security of their Internet of Things (IoT), Operational Technology (OT), and network devices. Today, we are excited to announce that firmware analysis is generally available (GA) for all Azure customers. In modern industrial environments, firmware security is a foundational requirement. IoT sensors and smart devices collect the data fueling AI-driven insights; if those devices aren’t secure, your data and operational continuity are at risk. During the preview, we heard from many customers who used firmware analysis to shine a light into their device software and address hidden vulnerabilities before attackers or downtime could strike. With general availability, firmware analysis is ready to help organizations fortify the “blind spots” in their infrastructure – from factory-floor sensors to branch office routers – by analyzing the software that runs on those devices. What Firmware Analysis Does for You Firmware analysis examines the low-level software (firmware) that powers IoT, OT and network devices, with no agent required on the device. You can upload a firmware image (for example, an extracted embedded Linux image), and the cloud service performs an automated security inspection. Key features include: Software inventory & vulnerability scanning: The service builds a Software Bill of Materials (SBOM) of components within the firmware and checks each component against known CVEs (Common Vulnerabilities and Exposures). This quickly surfaces any known vulnerabilities in your device’s software stack so you can prioritize patching those issues. Security configuration and hardening check: Firmware analysis evaluates how the firmware binaries are built, looking for security hardening measures (e.g. stack protections, ASLR) or dangerous configurations. If certain best practices are missing, the firmware might be easier to exploit – the tool flags this to inform the device manufacturer or your security team. Credential and secrets discovery: The analysis finds any hard-coded credentials (user accounts/password hashes) present in the firmware, as well as embedded cryptographic material like SSL/TLS certificates or keys. These could pose serious risks – for instance, default passwords that attackers could exploit (recall the Mirai botnet using factory-default creds) are identified so you can mitigate them. Any discovered certificates or keys can indicate potentially insecure design if left in production firmware. Comprehensive report: All security findings – from the Software Bill of Materials (SBOM), list of vulnerabilities to hardening recommendations and exposed secrets – are provided in a detailed report for each firmware image analyzed. This gives device makers and operators actionable intelligence to improve their device security posture. In short, firmware analysis provides deep insights into the contents and security quality of device firmware. It turns opaque firmware into transparent data, helping you answer, “What’s really inside my device software?” so you can address weaknesses proactively. What’s New and Licensing We’ve been hard at work making firmware analysis even better as we move to GA. Based on preview feedback, we’ve addressed bugs, implemented usability suggestions and improved the firmware analysis SDKs, CLI and PowerShell extensions. A new Azure resource called “firmware workspace” now stores analyzed firmware images. Firmware analysis workspaces are currently available as a Free Firmware Analysis Workspace SKU with capacity limits. Getting Started If you have IoT, OT and network devices in your environment, use firmware analysis to test just how secure your devices are. Getting started is easy: access firmware analysis by searching “firmware analysis” in the Azure portal, or access using this link. Onboard your subscription and then upload firmware images for analysis. For a step-by-step tutorial, visit our official documentation. The service currently supports embedded Linux-based images up to 1GB in size. We want to thank all the preview participants who tested firmware analysis and provided feedback. You helped us refine the service for GA and we’re thrilled to make this powerful tool broadly available to help secure IoT, OT and network devices around the world. We can’t wait to see how you put it to work. As always, we value your feedback, so please let us know what you think.
RPA Predictions for 2019
Hi team, We run a series on Intelligent Automation events, with our upcoming one in May at the Beanfield Center in Toronto – Intelligent Automation Canada. RPA has a very important part to play as organizations are increasingly searching how to improve and modify their applications on a continuous basis. Please see our report on RPA Predictions for 2019: http://bit.ly/2Ft0aMb If interested in attending the event with speakers from Bank of America, Cargill, Loblaw, and more, here’s the full event guide: http://bit.ly/2UQJHa5
ROS on Windows and ROS with Azure
Welcome to the Robotics community. We’d like to leverage this conversation space to discuss the Robot Operating System (ROS) on Windows as well as share feedback and learnings. Come join our discussion. Microsoft is working with Open Robotics and the ROS Industrial Consortium to bring the Robot Operating System to Windows. Microsoft has joined the ROS Industrial Consortium who's mission is to extend the capabilities of ROS to manufacturing and improve the productivity and return on investment of industrial robots. Microsoft will host and maintain the Windows builds for ROS1, and shortly ROS2. We are providing documentation, development and deployment solutions for Windows. To get started using ROS on Windows and ROS with Azure, please visit the Getting Started guide at http://aka.ms/ros.Remote Computer Science with Pi-Top smart rover , .NET interactive Microsoft Bot & Microsoft Teams
Come see how we're using .NET Interactive, pi-top's smart rover, and Microsoft Teams to showcase the remote computer science class of the future. A Covid-19 resistant remote first approach that allows collaboration, coding, testing debugging and rich interactions involving data, video and Azure cloud services.
