Microsoft has acquired ReFirm Labs, of Fulton. The move was to help Microsoft protect its firmware, which is where sensitive information like credentials and encryption keys are stored in memory.
The emergence of the intelligent edge has accelerated the number of these cloud-connected devices that contain multiple specialized sub-processors each with its own firmware layer and often a custom operating system. Many vulnerability analysis and endpoint detection and response (EDR) tools find it challenging to monitor and protect devices at the firmware level, leading to an attractive security gap for attackers to exploit.
Here’s an excerpt from Microsoft’s announcement explaining the move:
“Microsoft believes that firmware is not a future threat, but an imperative to secure now as more devices flood the market and expand the available attack surface. We are committed to helping customers protect from these sophisticated threats now and in the future, which is why we’re announcing that we have acquired ReFirm Labs.”
“ReFirm Labs is joining Microsoft to enrich our firmware analysis and security capabilities across devices that form the intelligent edge, from servers to IoT. The addition of ReFirm Labs to Microsoft will bring both world-class expertise in firmware security and the Centrifuge firmware platform to enhance our ability to analyze and help protect firmware backed by the power and speed of our cloud.”