Microsoft Defender for IoT -New Release (OT v22.2.4)
Microsoft is excited to announce a new software release of Microsoft Defender for IoT. To learn more, visit Azure Defender for IoT Release Notes | Microsoft Docs Download links available at Defender for IoT Management Portal - Microsoft Azure. What's New? Category Item Inventory and map Merge and Delete devices via device inventory Last seen value in the device details pane is replaced by Last activity Any user with Admin permissions will be able to delete devices via device inventory page New protocol support Honeywell Discovery Honeywell EUCN Schneider TSAA ServiceNow integration Users can now query CVEs for specific device Users can correlate alerts on Splunk with devices from the CMDB Alerts New alert columns with timestamp data - will be available on the sensor (cloud side will be available only on the next release) Learning button will be displayed by default in the alerts page About Defender for IoT Azure Defender for IoT provides agentless, network-layer security, provides security for diverse industrial equipment, and interoperates with Azure Sentinel and other SOC tools. Continuous asset discovery, vulnerability management, and threat detection for Internet of Things (IoT) devices, operational technology (OT) and Industrial Control Systems (ICS) can be deployed on-premises or in Azure-connected environments.Invitation | Join the Microsoft Defender for IoT community to influence and earn swag!
Defender for IoT Customer - Join Defender for IoT private community! Access exclusive Defender for IoT content and best practices Be first to try our private previews and influence our features before they become GA Earn digital badges based on your level of contribution Live events To join, please fill out the form at https://aka.ms/SecurityPrP and select “ongoing program” NDA is required Cool swag for the first 50 members who sign up! make sure to fill in your shipping address in the form Are you already a member of our cloud security community? https://aka.ms/SecurityCommunity, Discussion group on LinkedIn
Latest Threat Intelligence (March 2025)
Microsoft Defender for IoT has released the March 2025 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS. The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown. Guidance Customers are recommended to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices. Update your system with the latest TI package The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file), for more information, please review Update threat intelligence data | Microsoft Docs. MD5 Hash: 3b0522536f51a13701f172a5d2c435d5 For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release, click here for more information.Latest Threat Intelligence (August 2024)
Microsoft Defender for IoT has released the August 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS. The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown. Guidance Customers are recommended to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices. Update your system with the latest TI package The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file), for more information, please review Update threat intelligence data | Microsoft Docs. MD5 Hash: 1b0b3742c28c70692504dcf88d63d54c For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release, click here for more information.Microsoft Defender for IoT new sensor release (22.2.7)
We are happy to announce a new release of Microsoft Defender for IoT sensor (version 22.2.7) What’s new? Improved network devices visualization to include multiple interfaces based on network protocols. Improved alert timeline indications, which now includes detection time and last seen time. A new column named “First Detection time” reflects the first time the alert was detected, to get more context if it was raised more than once. To download sensor 22.2.7 software from Azure portal https://ms.portal.azure.com/#view/Microsoft_Azure_IoT_Defender/IoTDefenderDashboard/~/Getting_startedDefender for IoT public webinars
These webinars will be held at 08:00-09:00 AM, PST. Sign-up at the links below! FEB 23 Microsoft Defender for IoT | Cloud Capabilities and Security Advantages In this session we will discuss the benefits of connecting Defender for IoT for OT/ICS environments to the cloud. Covering both security and manageability aspects and features and cross platform integrations MAR 24 Better Together | Microsoft Sentinel - IT/OT Threat Monitoring with Defender for IoT Solution In this session we will discuss how Microsoft Sentinel and Microsoft Defender for IoT are driving together a convergence of OT and Corporate cybersecurity disciplines in defense of critical infrastructure. This solution provides the foundation for building a SOC geared towards IoT/ OT monitoring. and is globally applicable for organizations defending both IT/OT-based networks APR 6 Microsoft Defender for IoT | How to Discover and Secure IoT Devices in the Enterprise Environment In this session we will share how Microsoft Defender for IoT is leveraging multiple data sources (including an agentless solution and Microsoft Defender for Endpoints) to discover and secure IoT devices in enterprise networks. Printers, cameras, VoIP phones and other unmanaged devices are posing an increasing risk to enterprises, and the need to identify and protect them becomes a cardinal priority for security teams. We will present our integrated solution and how it complements our OT security offering. Original Post: Defender for IoT public webinars - Microsoft Tech Community
