Attivo integrates with Azure for greater IoT threat protection

Attivo Networks has integrated with Microsoft Azure Security Center for IoT. Together the organisations will deliver a solution designed for detection and response to attackers targeting Azure IoT Edge devices.

Attivo Networks is a specialist in cybersecurity threat detection. This integration extends the ThreatDefend platform to up the ante for security on the Azure service.

According to Microsoft, the intelligent edge is a prime target for attackers, and as such Azure IoT Edge actively addresses these risks by collaborating with security companies such as Attivo who are proficient at detecting attackers in these emerging environments.

The integration provides customers with a reliable way to detect, redirect, and respond to in-network attackers.

Attivo Networks VP security research Venu Vissamsetty says, “Efficiently detecting cloud-based attacks on containers and Internet of Things (IoT) devices remains a significant challenge for legacy security controls.

“We are excited to partner with Microsoft to deliver the visibility, early detection, and accelerated response that organisations need to combat advanced attackers and leverage the maximum benefits of the Intelligent Edge.”

Microsoft CTO and GM cloud and AI security division, Michael Braverman-Blumenstyk says, “At Microsoft, we're committed to providing a trusted, easy-to-use platform that allows customers to securely build and unlock the value of their IoT deployments.

“Our collaboration with Attivo Networks strengthens the security framework of Azure Security Center for IoT Edge with effective, deception-based detection, enabling organisations to meet evolving security needs.”

Azure IoT Edge is a managed service based on Azure IoT Hub. Utilising this, organisations can deploy cloud workloads to run on IoT edge devices via standard containers.

By moving certain workloads to the edge of the network, devices spend less time communicating with the cloud, react quicker to local changes, and operate reliably even in extended offline periods, Microsoft states.

The joint Attivo ThreatDefend and Azure IoT Edge solution deploys Azure IoT modules as decoys for early and accurate threat detection.

Security teams can also deploy ThreatDetect forwarders in remote IoT edge devices from the Azure IoT Hub console and project deception at scale across the enterprise cloud, IoT, industrial, and medical networks to protect their entire infrastructure.

This jointly developed solution is available in the Azure Marketplace. The Attivo ThreatDefend solution creates a fabric of deceptive assets that proactively deceive and redirect attackers into revealing themselves, the company states.

When attackers target IoT edge devices, attempting to conduct reconnaissance or move laterally, they will discover assets that appear identical to production systems.

Any active observation will cause the attack to be redirected into the deception environment, Attivo states.

The solution then raises an engagement-based alert that automatically notifies the Azure Security Center. Additionally, forensics and company-specific intelligence on the attack are gathered and can be used to understand attacker methods and intent and to strengthen security defences, according to the company.
