Security News > 2021 > June > Microsoft Buys ReFirm Labs to Expand IoT Firmware Security Push
Microsoft's aggressive push to ferret out security problems in the firmware powering IoT devices took on new urgency this week with the acquisition of ReFirm Labs, an early-stage startup that helps businesses pinpoint and fix weak links at the firmware layer.
According to Microsoft's David Weston, the ReFirm Labs technology will be offered as a feature in the Azure Defender for IoT product.
The Refirm Labs deal comes exactly a year after Microsoft snapped up CyberX, an IoT security company that provides a digital map of thousands of devices scattered throughout modern organizations.
"Device builders are gonna need to come on board before they even ship it to the customer, to make sure it meets any basic security promise. And we have a device updating mechanism to keep that promise going," Weston added.
In a statement announcing the acquisition, Microsoft said it was imperative to fix firmware security problems as billions of intelligent, cloud-connected devices flood the market and expand the available attack surface.
ReFirm is well known for the Binwalk open-source software, which has been used to analyze thousands of device types for firmware security issues, uncovering unpatched common vulnerabilities and exposures, insecure secrets, and a multitude of other security problems in plugin IoT devices and embedded firmware.
News URL
Related news
- Microsoft Entra "security defaults" to make MFA setup mandatory (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)
- ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps (source)
- Microsoft Ignite 2024 Unveils Groundbreaking AI, Security, and Teams Innovations (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)
- Microsoft announces new and improved Windows 11 security features (source)
- Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity (source)
- Security? We've heard of it: How Microsoft plans to better defend Windows (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)