Attivo Networks Blogs

IoT devices as bait for cyber attackers

Attivo Networks has integrated its Deception technology-based ThreatDefend platform into the Microsoft Azure Security Center.

This further improves the detection rate and response time when attacking the Microsoft Azure IoT Edge service.

Because Intelligent Edge is a common target for attackers, the Azure IoT Edge service actively addresses emerging cyber risks by using Attivo ThreatDefend to detect threats. The integration of both platforms offers companies a reliable way to quickly and securely identify attackers in the network, mislead them and react to them.

Azure IoT Edge is a fully managed service based on the Azure IoT Hub. It enables companies to run cloud workloads via standard containers on IoT Edge devices. When certain workloads are migrated to the fringes of the network, IoT devices spend less time communicating with the cloud. This means that these devices can react more quickly to local changes and they work reliably even over long periods without an internet connection.

IoT deception on a large scale

The joint solution from Attivo Networks and Microsoft is designed so that Azure IoT modules can be used seamlessly as bait. In this way, threats are recognized early and warded off. Cyber ​​security teams can install the Attivo Networks ThreatDirect solution on IoT Edge devices and lay them out directly from the Azure IoT Hub console. In this way, large-scale deception maneuvers can be projected over the cloud, IoT devices or in industrial and medical corporate networks to protect the entire infrastructure of a company. This jointly developed solution is available in the Azure Marketplace.

The Attivo ThreatDefend platform is based on the generation of a virtual deception environment that is modeled on the real network environment of the respective company. Attackers automatically get the baits laid out by Attivo Networks and are lured into the deception environment, recognized and repelled. As soon as attackers target IoT Edge devices and try to search for information on the network or move across the network, they will encounter objects of interest that are deceptively similar to real production systems. Any active search will result in the attack being redirected to the deception environment. ThreatDefend then triggers an alarm that automatically notifies the Azure Security Center.

“The efficient detection of cloud-based attacks on containers and IoT devices is a major challenge for all security systems,” explains Joe Weidner, Regional Director DACH at Attivo Networks. “We are excited to partner with Microsoft to provide businesses with improved visibility, early detection and accelerated response to attacks, which they urgently need to effectively combat increasingly sophisticated attackers while taking full advantage of the Intelligent Edge.”

Michal Braverman-Blumenstyk, CTO and GM, Cloud and AI Security Division at Microsoft, says: “We at Microsoft believe it is our responsibility to provide a trustworthy, easy-to-use platform that enables customers to securely build and implement their IoT implementations Our collaboration with Attivo Networks strengthens Azure Security Center for IoT Edge’s security framework with effective, deception-based detection that enables organizations to respond to ever-changing security needs. ”

Read the original article.

Share on:

Free Active Directory Assessment

Get Visibility Into Privilege And Service Account Exposure

For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.

Try Our Endpoint Detection Net (EDN) for Free


Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.

Newsletter Signup

    Yes, please opt me in to receive your quarterly newsletter, event invitations, and product updates.

    I understand that I can opt out at any time, and can refer to Attivo Networks Privacy Policy for more information.
  • This field is for validation purposes and should be left unchanged.

ADSecure 90-Day Free Trial


  • Hide and deny access to AD objects
  • Get alerted on unauthorized queries
  • Attack details easily viewable in dashboard
  • Your data remains on-premise


Leave a Comment

Your email address will not be published.

11 − 5 =

Ready to find out what’s lurking in your network?

Scroll to Top