Microsoft buys ReFirm Labs to boost IoT security with firmware analysis

Elevate your enterprise data technology and strategy at Transform 2021.

Microsoft has acquired firmware security startup ReFirm Labs to boost its security capabilities for protecting Internet of Things and intelligent edge devices.

The intelligent edge — made up of cloud-connected devices capable of specialized tasks — have opened up a new attack surface, David Weston, Microsoft’s director of enterprise and operating system security, told VentureBeat. Attacks targeting sensitive information such as credentials and encryption keys stored in memory are on the rise, and Microsoft has spent the last few years “securing the operating system below the operating system,” he said.

“Microsoft believes that firmware is not a future threat, but an imperative to secure now as more devices flood the market and expand the available attack surface. We are committed to helping customers protect from these sophisticated threats now and in the future, which is why we’re announcing that we have acquired ReFirm Labs,” Weston wrote in a blog post on Tuesday. Microsoft declined to disclose the terms of the acquisition.

Microsoft has been focused on IoT security on multiple fronts, including Azure Defender for IoT, Azure Sentinel, and devices such as Edge Secured-core and Azure Sphere. The company has pledged to invest $5 billion in IoT by 2022. The acquisition of ReFirm Labs, with its expertise in firmware security and the Centrifuge firmware platform to analyze and detect security issues, is “a culmination of that [IoT] strategy,” Weston said, and will enhance the company’s “chip-to-cloud protection” capabilities.

“Patch Tuesday” for IoT

ReFirm Labs develops the open source Binwalk firmware security analysis tool, which has been used by more than 50,000 organizations around the world to analyze thousands of IoT and embedded devices to identify firmware security issues. System builders and device owners use the tool to assess device risk by looking for known vulnerabilities which have not yet been patched, flagging exposed secrets (security keys, tokens, and passwords), and detecting other security problems.

ReFirm’s tool gives the end-users an easy way to determine the basic security posture of the device. Users can analyze devices to ensure they meet security and compliance requirements before they are deployed in the environment. Microsoft’s Azure Defender for IoT monitors the device once it is connected. And Azure Device Update, IoT’s version of Windows Update introduced six months ago, lets users apply patches.

“Now the customers have pretty much everything they need: They can assess the device, they can monitor it, and they can update it on Patch Tuesday, just as if it was a Windows device,” Weston said.

ReFirm’s technology — Weston called it “essentially a drag and drop tool” — unpacks the device firmware and performs nested scans looking for security issues. The tool is capable of analyzing all kinds of IoT and edge devices, whether that is smart light bulbs or servers running edge applications.

“ReFirm allows us to assess all the code running on the device and provide a security rating before you connect the device,” Weston said. The tool is a “a key piece of the missing puzzle” to make it easier for organizations to feel comfortable about deploying IoT. “Today, you plug [the device] into the Internet and you say ‘YOLO, I hope everything’s cool.’”


VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Articles You May Like

Apple Intelligence Features to Be Delayed in Europe, iPhone Maker Blames EU Tech Rules
Mailcow Mail Server Flaws Expose Servers to Remote Code Execution
Apple Could Reportedly Introduce Several New Variations of Its Vision Pro Headset In the Future
Oracle warns that a TikTok ban would hurt business
Elon Musk softens ‘go f— yourself’ comment as he tries to woo advertisers back to the platform