Microsoft has acquired ReFirm Labs, a firmware security specialist. The acquisition strengthens Microsoft’s capabilities in firmware analysis and security capabilities across devices that form the intelligent edge, from servers to IoT. 

ReFirm is the author of the Binwalk open-source software. This has been used to analyse thousands of device types for firmware security issues, uncovering vulnerabilities and exposures in plugin IoT devices and embedded firmware.

In a blog post, Microsoft said that ReFirm’s firmware analysis technology will advance Microsoft’s existing capabilities to help secure IoT and OT devices via Azure Defender for IoT, which has recently been boosted with technology from the company’s acquisition of CyberX. 

“Together, we will provide device builders and customers the ability to both discover, protect, and assess device risk both at the firmware and network level and then patch devices with an easy-to-use cloud-based solution as is explained in this video,” said David Weston Director of Enterprise and OS Security.

“Microsoft has already taken steps to bring the power of the cloud to help secure and eliminate gaps between hardware and software with the announcement of Secured-core PCs, the creation of the Pluton security processor with our partners, and most recently the extension of secured-core to servers and edge devices. This acquisition marks the next step in our journey and ability to help secure customers from the chip to the cloud, backed by more than 3,500 defenders at Microsoft and the >8 trillion security signals we process every day,” said Mr Weston.