Attivo Networks today announced an integration with Microsoft to further
enhance detection and response for Azure IoT Edge with the ThreatDefend platform.
Since the intelligent edge is a prime target for attackers, Azure IoT
Edge actively addresses these inherent risks by collaborating with
innovative security companies such as Attivo that detect attackers
effectively and efficiently in these emerging environments. The
integration provides customers a reliable way to quickly and confidently
detect, redirect, and respond to in-network attackers.

"Efficiently detecting cloud-based attacks on containers and Internet of Things
(IoT) devices remains a significant challenge for legacy security
controls," said Venu Vissamsetty, VP Security Research of Attivo
Networks. "We are excited to partner with Microsoft to deliver the
visibility, early detection, and accelerated response that organizations
need to combat advanced attackers and leverage the maximum benefits of
the Intelligent Edge."

Michal Braverman-Blumenstyk, CTO and GM, Cloud and AI Security Division at
Microsoft Corp. said, "At Microsoft, we're committed to providing a
trusted, easy-to-use platform that allows customers to securely build
and unlock the value of their IoT deployments. Our collaboration with
Attivo Networks strengthens the security framework of Azure Security
Center for IoT Edge with effective, deception-based detection, enabling
organizations to meet evolving security needs."

Azure IoT Edge is a fully managed service built on Azure IoT Hub.
Organizations can deploy cloud workloads to run on IoT edge devices via
standard containers. By moving certain workloads to the edge of the
network, devices spend less time communicating with the cloud, react
more quickly to local changes, and operate reliably even in extended
offline periods.

The joint Attivo ThreatDefend and Azure IoT Edge solution is designed to
seamlessly deploy Azure IoT modules as decoys for early and accurate
threat detection. Security teams can also deploy ThreatDirect forwarders
in remote IoT edge devices from the Azure IoT Hub console and project
deception at scale across the enterprise cloud, IoT, industrial, and
medical networks to protect their entire infrastructure. This jointly
developed solution is available in the Azure Marketplace.

The Attivo ThreatDefend solution works by creating a fabric of deceptive
assets that proactively deceive and redirect attackers into revealing
their presence. When attackers target IoT edge devices, attempting to
conduct reconnaissance or move laterally, they will discover assets that
appear identical to production systems. Any active observation will
cause the attack to be redirected into the deception environment. The
solution then raises an engagement-based alert that automatically
notifies the Azure Security Center. Additionally, forensics and
company-specific intelligence on the attack are gathered and can be used
to understand attacker methods and intent and to strengthen security
defenses.