Public preview announcement: Defender for IoT solution for Microsoft Sentinel

Overview

 

IoT and OT devices are increasingly becoming a major attack vector for organizations of all sizes. While the impact of these attacks can paralyze entire industries and countries, defending against these attacks has traditionally involved disparate tools that often suffered from poor integration and disconnect from the overall security program. And while IT and OT environments have historically been disconnected, securing them effectively requires a unified approach. 

  

Today, we are excited to announce the public preview of our Defender for IoT solution for Microsoft Sentinel. With this solution, Microsoft Sentinel delivers the industry's first native SOC experience for IT and OT environments. Available at the click of a button, the native OT security capabilities of Defender for IoT allow organizations to discover security issues in OT before they attract any threat actors and to detect threat activity that uses operational technologies to enter an environment, move laterally, or cause physical damage and disruption to operations. The integration equips security teams with expanded visibility and control across all their OT assets, from asset discovery, to vulnerability management, to incident response.

  

Within the same workflows, analysts can now track and update their entire inventory of OT devices, monitor these devices for potential security issues and vulnerabilities, and respond to incidents – not just within the context of OT, but with the benefit of visibility across the entire security program. All OT-related alerts, compromised assets, network connections, events, and PCAP access are now part of the analyst workflows, providing customers with complete control across all devices and assets.

 

 

 

Capabilities

 

Read the announcement blog in the Microsoft Defender for IoT Tech Community to learn about the main capabilities of the Defender for IoT solution for Microsoft Sentinel:

 

Integrate IoT/OT Security context and processes with Sentinel in 2 clicks. 
Streamline the IoT/OT SOC investigation experience with dedicated built-in features. 
Automate response for IoT/OT threats with out-of-the-box SOAR Playbooks.
Enable the OT SOC by providing SOC analysts OT domain monitoring capabilities. 

  

 

Learn More

 

Solution package: Defender for IoT solution package in Microsoft Sentinel
Ignite on-demand session: Defending against OT/ICS threats with an OT-Enabled SOC
OT incidents investigation tutorial: Investigate Microsoft Defender for IoT incidents with Microsoft Sentinel
IoT entity page: IoT Entity Page blog
Solution webinar: IT/OT Threat Monitoring solution with Defender for IoT and Sentinel Webinar
Release notes: Microsoft Defender for IoT Release Notes | Microsoft Docs  

 
