Microsoft’s aggressive push to ferret out security problems in the firmware powering IoT devices took on new urgency this week with the acquisition of ReFirm Labs, an early-stage startup that helps businesses pinpoint and fix weak links at the firmware layer.
Financial terms of the deal were not disclosed. ReFirm Labs, a four-year-old startup based in Maryland, raised $3.5 million in two rounds of early-stage venture capital funding.
According to Microsoft’s David Weston, the ReFirm Labs technology will be offered as a feature in the Azure Defender for IoT product.
The Refirm Labs deal comes exactly a year after Microsoft snapped up CyberX, an IoT security company that provides a digital map of thousands of devices scattered throughout modern organizations.
[ SEE: Microsoft: Firmware Attacks Outpacing Security Investments ]
In an interview with SecurityWeek, Weston said the two transactions fit perfectly to provide visibility and manageability to the custom operating systems and firmware that currently ship on smart light bulbs, printers and other always-connected devices.
“These two fit together perfectly,” Weston said. “For example, CyberX can determine if someone is trying to brute-force the SSH service on your device. ReFirm will tell you if that SSH service has a predictable password, whether or not it has ASLR turned on and whether or not OpenSSL actually has a CVE.”
For Microsoft, a company with a $5 billion bet on IOT, securing the layers below the operating system takes on new urgency and Weston said battle-tested Windows Update mechanism will play a key part in remediating ..
Support the originator by clicking the read the rest link below.
