Microsoft agreed an acquisition of software company ReFirm Labs for an undisclosed sum to boost security of IoT devices.

The purchase brings Microsoft access to ReFirm Labs open source software which analyses the firmware of IoT devices for security vulnerabilities. It explained device builders often incorporate components and software into their products without assessing potential threats.

ReFirm Labs will become part of Microsoft’s Azure Defender for IoT, a division the company created with its CyberX team.

Device builders can submit firmware to ReFirm Labs for assessment through a web browser. The company’s systems then scan for problems around file system permissions and passwords, with Azure Defender for IoT then employed to deliver patches to the manufacturer or end user.

Microsoft explained the growing number of cloud-connected devices increases potential firmware security threats due to an increasing quantity of specialised sub-processors in these products.

It noted the results of a recent survey of 1,000 security decision makers it commissioned showed 83 per cent had experienced some level of firmware security incident, but only 29 per cent are allocating resources to protect firmware.

Microsoft stated it currently processes more than 8 trillion security signals each day and employs more than 3,500 people to defend it and customers against security threats.