Microsoft has added the ability to analyze firmware for security risks to Microsoft Defender for IoT.

Firmware vulnerabilities are an often-overlooked attack vector, one that can be especially problematic for the IoT industry, given the plethora of devices organizations may be managing. Microsoft is finally making it easier for them to analyze their IoT devices.

The company announced the new features in a blog post:

“With modern endpoint solutions, IT and security analysts get visibility into the software inventories and known vulnerabilities for IT devices,” writes Microsoft’s Derick Naef. “But for IoT and OT devices without an agent, organizations don’t get the same level of visibility into the growing number of devices on their network. The devices are basically black boxes – without insight into what software or patch level was used to build the device, known vulnerabilities, or other potential anomalies. To help address this challenge, we are excited to announce the firmware analysis capability in Microsoft Defender for IoT – now available in Public Preview.”

The blog post goes on to highlight how the new feature works:

Firmware analysis takes a binary firmware image that runs on an IoT device and conducts an automated analysis to identify potential security vulnerabilities and weaknesses. This analysis provides insights into the software inventory, weaknesses, and certificates of IoT devices without requiring an endpoint agent to be deployed.

To use the firmware analysis capability, navigate to the “Firmware analysis (preview)” blade in Defender for IoT and upload an unencrypted Linux-based firmware image directly. The image needs to be acquired from the device vendor. Once the image is unpacked and the embedded file system is identified, a thorough security analysis of the firmware image identifies hidden threat vectors.

The new feature is a welcome addition, one that should go a long way toward helping organizations secure their IoT devices.