Microsoft & Corelight partner to Mitigate IoT attacks
To manage that growing attack surface, it’s important to understand all of the IoT systems in your environment. However, many organisations struggle to maintain an up-to-date inventory of all networked devices, let alone IoT devices.
Stopping IOT Attacks using NDR
Unmanaged endpoints like IoT devices represent a significant and growing risk surface. Network Detection and Response (NDR) solutions monitor network traffic to generate rich security evidence that enables asset inventory, vulnerability assessment and threat monitoring. In this presentation, experts from Corelight and Microsoft will walk you through how it works and how it can improve your security posture.
Broadest coverage for detecting IoT devices and attacks through Network telemetry
The number of unmanaged systems on the internet is soaring, creating an ever-expanding attack surface. Unfortunately, most defenders lack the critical information they need to protect the IoT and OT systems in their environment.
WITH MICROSOFT DEFENDER AND CORELIGHT YOU HAVE:
A unified security solutions for IoT and OT
Discover, classify and contextualise all your IoT devices in a single unified solution.
Complete your asset inventory in Microsoft 365 Defender
View your complete IT and OT inventory alongside the rest of your IT devices (workstations, servers and mobile) within a single unified view.
Integrated vulnerability management in Microsoft 365 Defender
Identify and prioritise vulnerabilities and misconfigurations across all your IT and IoT devices and use integrated workflows to bring devices into a more secure state.
Prioritised incidents in Microsoft 365 Defender
View prioritised incidents that are inclusive of IT and IoT devices all in a single dashboard to reduce confusion, clutter, investigation times, and alert fatigue.
Your IoT Security Challenges
Even when IoT devices are known or discovered, they often don’t support installation of security monitoring software like endpoint protection agents. The lack of security visibility into these unmonitored devices, combined with their sometimes questionable supply chain, represents a growing risk, especially for organisations embracing digital transformation through IoT.
Perimeter Protection Only
Complex Configuration and Maintenance
Limited IoT Understanding
Unable to Detect Emerging Threats
JOINT SOLUTIONS VALUE
By integrating Corelight with Microsoft Defender for IoT, Microsoft Defender for IoT can leverage the Zeek-based network signal from Corelight Sensors to perform behavioural analytics and machine learning to discover and classify IoT/OT assets, assess vulnerability and risk, and detect attacks. The result is deeper insights into IoT footprint, behaviour, risk, and more efficient incident response.
Your IoT Security Challenges
Corelight Sensors transform every connection into Zeek data that’s comprehensive, structured, and correlated. Microsoft Defender for IoT/OT uses this data for device discovery and classification, vulnerability management, and detection and response, forgoing the need to deploy Defender for IoT’s IoT/OT specific network sensor.
Corelight & Microsoft Defender for IoT: Through an XDR lens
The partnership between Microsoft’s new Defender for IoT and Corelight offering is a proof point of both the XDR market dynamics and the power of the right data. The Defender platform already has a data lake, analytics team, and sophisticated incident response capabilities. They have extended that platform to embrace network-centric workflow and analytics. This includes working with Corelight to ensure that our mutual customers can maximise the impact of the Defender platform – after all, the best data enables the best analytics!
Corelight Announces Integration for Microsoft Defender for IoT as a Data Source for the Platform
Corelight, provider of the industry’s leading open network detection and response (NDR) platform, today announced product compatibility with Microsoft Defender for IoT. Corelight is the first Microsoft NDR partner to take advantage of Defender for IoT’s cross-industry integration capabilities. Corelight customers can send data from deployed sensors to Microsoft 365 Defender, and in turn to Defender for IoT to apply its behavioral analytics and machine learning techniques to discover and classify devices and to protect, detect, and respond to IoT attacks.