Phosphorus enhances its xIoT security platform to strengthen enterprise device security
Phosphorus announced important new enhancements to its Enterprise xIoT Security Platform that will improve organizations’ ability to reduce their xIoT attack surface and prevent sophisticated threats.
“The proliferation of xIoT devices is creating vast new risks for today’s enterprises, with attackers increasingly able to evade defenses and breach companies through these overlooked and often unmonitored devices,” said Sonu Shankar, VP of Product Management at Phosphorus.
“Our xIoT security platform already provides unmatched capabilities for finding, fixing, and monitoring xIoT devices. Now we’ve gone further by giving enterprises even more capabilities for hardening these devices against active threat actor campaigns. These new features will empower any organization to eliminate critical weaknesses in xIoT devices that cybercriminals and nation-states are known to exploit.”
The updated version of Phosphorus Enterprise xIoT Security Platform now includes new enhanced features across Configuration Management, Hardening, and Remediation.
Configuration management
xIoT devices frequently have expired, invalid (such as self-signed) or insecure SSL/TLS certificates, which can expose these devices – and, by consequence, the larger corporate IT network – to significant risks.
Phosphorus’s expanded configuration management capability now makes it easy for organizations to maintain up-to-date certificates for their xIoT assets, regardless of how many devices they have deployed. The platform’s Device Posture Assessment feature already accurately determines the certificate status of xIoT devices within the network, so that bad certificates can be quickly identified.
However, with this new product enhancement, Phosphorus has expanded these capabilities further by enabling Upload Certificate actions so that enterprises can install valid, up-to-date certificates for each device.
Maintaining these certificates is critical for device hardening and security, as well as for ensuring the organization’s overall operational security. Threat actors are known to create self-signed certificates for xIoT devices which are used in man-in-the-middle (MiTM) attacks and to encrypt C2 traffic in order to hide it from network monitoring tools.
Expanded hardening and remediation
Unpatched vulnerabilities are an ongoing problem in xIoT deployments, as Phosphorus has found that 68% of these devices have unaddressed high-risk or critical vulnerabilities (CVSS score: 8-10) that could be exploited.
However, this problem isn’t only due to the slow application of patches. In many cases, xIoT device manufacturers may take weeks or months to make patches available.
The Phosphorus platform already makes it easy for enterprises to upgrade their xIoT devices when new patches become available for zero-day vulnerabilities. Phosphorus is now offering new Disable Service and Reboot Device actions, which allow organizations to proactively harden their devices and disrupt active threats, thereby reducing the risk of exploitation. For example, with the Disable Service feature, an enterprise can disable remote services like SSH, which attackers are known to exploit so that they can login to xIoT devices as a legitimate user.
API support
This new version of the Phosphorus Enterprise xIoT Security Platform has added API support to perform these configuration management and device hardening tasks on a select set of devices. The unique extensibility of the Phosphorus platform allows for the rapid expansion of support to hundreds of thousands of xIoT device models, driven by the Tactics, Techniques, and Procedures (TTPs) associated with emerging threat actor campaigns.
Phosphorus’s Enterprise xIoT Security Platform is a consolidated xIoT security offering, delivering Attack Surface Management, Hardening and Remediation, and Detection and Response across the full range of IoT, OT, and Network-connected devices—spanning both new and legacy devices. This enables large organizations to scale xIoT technologies (which can amount to millions of devices per organization) without having to add any additional employees to secure them.