Microsoft buys ReFirm Labs to boost IoT security with firmware analysis

Microsoft has acquired firmware security startup ReFirm Labs to boost its security capabilities for protecting internet of things and intelligent edge devices.

The intelligent edge — made up of cloud-connected devices capable of specialized tasks — have opened up a new attack surface, David Weston, Microsoft’s director of enterprise and operating system security, told VentureBeat. Attacks targeting sensitive information such as credentials and encryption keys stored in memory are on the rise, and Microsoft has spent the past few years “securing the operating system below the operating system,” he said.

“Microsoft believes that firmware is not a future threat, but an imperative to secure now as more devices flood the market and expand the available attack surface. We are committed to helping customers protect from these sophisticated threats now and in the future, which is why we’re announcing that we have acquired ReFirm Labs,” Weston wrote in a blog post on Tuesday. Microsoft declined to disclose the terms of the acquisition.