Posts Tagged ‘IoTSecurity’
[AWSReInforce2025] Redefining cybersecurity for modern threats with Armis Centrix (NIS122)
Lecturer
Steve Clark serves as Director of Cloud Alliances at Armis, orchestrating partnerships that extend cyber exposure management across cloud and edge environments. His expertise centers on asset intelligence platforms that provide real-time visibility into managed, unmanaged, and IoT devices.
Abstract
The presentation positions Armis Centrix as a cloud-native platform for comprehensive asset protection, demonstrating integration with AWS services to identify, prioritize, and remediate risks across the attack surface. Through customer examples in transportation, healthcare, and aviation, it establishes proactive exposure management as essential for modern threat defense.
Asset Discovery Beyond Traditional Boundaries
Modern environments contain thousands of unmanaged devices—IoT sensors, medical equipment, building controllers—that evade conventional inventory tools. Armis Centrix discovers assets through passive traffic analysis and active querying:
Network Traffic → Behavioral Fingerprint → Device Classification
↓
Risk Scoring Engine
The platform identifies device type, manufacturer, firmware version, and operational context without requiring agents.
Risk Prioritization and Business Context
Raw asset data becomes actionable intelligence through contextual scoring:
{
"device": "GE MRI Scanner",
"vulnerabilities": ["CVE-2023-4567"],
"connectivity": "Internet-facing",
"business_unit": "Radiology",
"priority_score": 9.8
}
Integration with ServiceNow CMDB enriches discovery with ownership and criticality metadata, enabling precise remediation workflows.
Integration Patterns with AWS Services
Armis ingests VPC Flow Logs and GuardDuty findings to extend visibility:
connectors:
- aws_vpc_flow_logs
- aws_guardduty
- servicenow_cmdb
- palo_alto_firewall
EventBridge rules trigger automated responses—quarantining compromised IoT devices, creating Jira tickets, or notifying device owners.
Real-World Deployment Outcomes
Case studies demonstrate operational impact:
- Transportation Provider: Discovered 40% more assets than ServiceNow inventory; achieved regulatory compliance ahead of DoT mandates
- Healthcare System: Reduced mean time to patch critical medical devices from 90 to 14 days
- Airport Authority: Identified rogue Wi-Fi access points and unauthorized Bluetooth beacons
These organizations leverage Armis within AWS environments, processing petabytes of traffic data with sub-second query response.
Proactive Exposure Management Framework
The platform implements continuous assessment:
- Discovery: Passive and active techniques
- Classification: ML-based device fingerprinting
- Risk Scoring: CVSS + business context
- Remediation: Automated playbooks and orchestration
- Verification: Continuous validation of control efficacy
This cycle operates 24/7, adapting to asset churn and emerging threats.
Conclusion: Comprehensive Asset Protection
Armis Centrix transforms asset visibility from periodic audits into real-time intelligence. By combining passive discovery, behavioral analysis, and AWS integration, organizations gain comprehensive protection across IT, OT, and IoT environments. The platform enables security teams to move from reactive incident response to proactive risk elimination.
Links:
[DefCon32] How to Keep IoT From Becoming An IoTrash
The proliferation of Internet of Things (IoT) devices promises connectivity but risks creating a digital wasteland of abandoned, vulnerable gadgets. Paul Roberts, Chris Wysopal, Cory Doctorow, Tarah Wheeler, and Dennis Giese, a distinguished panel from Secure Resilient Future Foundation, Electronic Frontier Foundation, Veracode, Red Queen Dynamics, and DontVacuum.me, respectively, address this crisis. Their discussion, rooted in cybersecurity and policy expertise, explores solutions to prevent IoT devices from becoming e-waste, advocating for transparency, ownership, and resilience.
The Growing Threat of Abandonware
Paul opens by highlighting the scale of the issue: end-of-life devices, from routers to medical equipment, are abandoned by manufacturers, leaving them susceptible to exploitation. Black Lotus Labs’ discovery of 40,000 compromised SOHO routers in the “Faceless” botnet underscores this danger. Cory introduces the concept of “enshittification,” where platforms and devices degrade as manufacturers prioritize profits over longevity, citing Spotify’s Car Thing, bricked without refunds after brief market presence.
Policy and Right-to-Repair Solutions
Tarah and Chris advocate for legislative reforms, such as updating the Digital Millennium Copyright Act (DMCA), to grant consumers repair rights. Google’s extension of Chromebook support to ten years saved millions in e-waste, a model Tarah suggests for broader adoption. Chris emphasizes that unmaintained devices fuel botnets, threatening critical infrastructure. Policy changes, including antitrust enforcement to curb monopolistic practices, could compel manufacturers to prioritize device longevity and security.
Cybersecurity Implications and Community Action
Dennis, known for reverse-engineering vacuum robots, stresses the cybersecurity risks of abandoned devices. Malicious actors exploit unpatched vulnerabilities, conscripting devices into botnets. He calls for community-driven efforts to document and secure IoT systems. Paul, through the Secure Resilient Future Foundation, encourages grassroots advocacy, such as contacting local representatives to support repair-friendly legislation, making it easier for individuals to contribute without navigating complex policy landscapes.
Redefining Ownership and Sustainability
Cory argues for redefining ownership in the IoT era, criticizing practices like Adobe’s Creative Cloud, where Pantone’s licensing dispute threatened to render designers’ work unusable. By designing devices to resist forced downgrades, manufacturers can empower users to maintain control. The panel collectively urges a shift toward sustainable design, where devices remain functional through community-driven updates, reducing e-waste and enhancing digital resilience.