Firedome and Microsoft provide holistic view of IoT attacks

  • July 19, 2023
  • Steve Rogerson

New York cyber-security firm Firedome has linked its on-device real-time detection, prevention and response with Microsoft Defender for IoT cloud-based security to provide a holistic view of IoT attacks.

Firedome specialises in IoT endpoint protection. Its integration with Defender for IoT, using Microsoft Sentinel, combines its on-device agent-based real-time detection, prevention and response with Defender for IoT’s network-based events, offering a comprehensive view, analysis, prevention and remediation of cyber attacks in IoT and OT environments across all attack phases.

Streamlined to Sentinel, users can create alerts, investigate security incidents and access device-entry-point data for enhanced device and organisational security.

Firedome’s Defense in Depth offering is a comprehensive approach to security that integrates prevention, detection and response, and can feed forensic data into a SIEM (security information and event management) platform. Compatible with major IoT operating systems such as Linux, FreeRTOS, Windows and Android, the lightweight agent operates across various sectors, including healthcare, energy, smart buildings and retail.

By combining Firedome’s on-device agent-based view and protection with Defender for IoT’s network and perimeter capabilities, users can identify, block and remediate the devices responsible for initiating cyber attacks within their IoT or OT network, track threat movements across network segments, and pinpoint devices involved in DDoS and botnet campaigns. This integration empowers users to enhance their understanding of cyber threats and take proactive measures to safeguard their IoT environment.

“We are delighted to expand our longstanding relationship with Microsoft,” said Moti Shkolnik, Firedome CEO. “Our new integration with Microsoft Defender for IoT will equip our shared customers with an in-depth view and understanding of cyber threats targeting their IoT devices and networks.”

Nir Krumer, general manager for IoT and OT security at Microsoft, added: “The integration of Firedome’s EDR with Microsoft Defender for IoT enriches the SOC [security operations centre] with valuable insights from cross network and endpoint for IoT and OT environments and devices. Our aim is to empower SOC teams to provide an IoT- and OT-enabled SOC that has visibility into all telemetry to detect and respond faster to cyber attacks on IoT and OT devices and networks.”

The Firedome EPP allows organisations to prevent any attack type on IoT endpoints that would otherwise be undetectable by existing security controls. Defense in Depth combines prevention, detection, response and forensic data into a unified offering that integrates into existing SIEM platforms. Firedome IoT agents are built to protect any IoT device across various verticals such as healthcare, energy, smart buildings and retail.