Microsoft Defender for IoT Version 22.1 Commercially Released

Microsoft this week announced Microsoft Defender for IoT version 22.1 at the "general availability" (GA) commercial-release stage.

Microsoft Defender for IoT (formerly known as "Azure Defender for IoT") is a "network detection and response" service for Internet of Things (IoT) devices, operational technology (OT) and industrial control system devices. It works with other Microsoft security solutions, such as Microsoft 365 Defender, as well as Microsoft Sentinel, Microsoft's security information and event management product.

Version 22.1 of Microsoft Defender for IoT is GA release, which means that it's supported for nine months, according this Microsoft document. Organizations have to move to a GA release to continue to get new functionality in the product under this nine-months-of-support scheme.

Even though Microsoft Defender for IoT reached the GA stage, some of its new functionality is still at the preview stage. Microsoft's announcement and document don't precisely clarify what's at preview and what's at the GA stage, though.

The look and feel of the Microsoft Defender for IoT management pane apparently is at the GA stage. It has a revamped "Overview Page" that highlights top alerts and important stats. The product's "Device Inventory Page" was enhanced. It's now possible now to run reports from the "Data Mining Page." The Help function now links to Microsoft Defender for IoT documentation. A new Map View was added for alerts, and the "Simplified Map View" option was removed.

Alerts for Microsoft Defender for IoT now are available within the Azure portal at the preview stage. With these alerts, users will get remediation steps for "devices and network processes." MITRE ATT&CK information is shown, along with the severity and status of the alert.

Version 22.1 of Microsoft Defender for IoT drops the need to install sensors, and users no longer need to install an IoT Hub.

Microsoft added some features for Microsoft Defender for IoT version 22.1 when used with OT sensors that were described as being at the preview stage. It's now faster to connect OT sensors, and they get automatically updated with threat intelligence. Users can now generate customizable reports. MITRE ATT&CK information is shown for industrial control systems, too.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


comments powered by Disqus

Subscribe on YouTube