Trend Micro makes IoT Security solution more useful for partners with new SDK capabilities and better integration

Trend Micro IoT Security 2.0 responds to an ask from Trend’s traditional channel partners to make the solution more flexible and easier for them to integrate, in order to improve their ability to monetize IoT opportunities.

Cybersecurity Trend Micro has launched the 2.0 version of their Trend Micro IoT Security [TMIS] offering. It makes some significant enhancements to the original release, including some which should be particularly welcome to Trend’s channel partners.

Trend Micro has been involved with parts of what is now called the Internet of Things [IoT] market for years, although they have increased their focus in the last few, deepening their relationships with IoT device manufacturers and leveraging technology from Trend Micro’s IT products.

“In approaching this market, we have to recognize what’s the same and recognize what’s different,” said Greg Young, VP, Cybersecurity at Trend Micro. “Not everything is the same, but you also don’t need to start from scratch. The problems often come from the same actors, and they tend to use the same techniques – but the people defending themselves are very different from IT people. You can’t give them traditional TCP/IP Windows solutions. But you also can’t throw out the great advances we have made either.”

Young emphasized that TMIS 2.0 is a much more fully integrated solution than before, with threat monitoring, detection and protection now operating together in a manner they have not here in the past.

“All the components coming together the way they do here is really a net-new,” he said. “Pieces of it were there before, including whitelisting and bits of IPS [Intrusion Prevention Services], but a solution that could be applied to multiple products and be useful as an SDK was not there. Previously, it was just components.”

Similarly, Trend Micro’s Smart Protection Network threat intelligence program was not leveraged into the IoT solution as it is now.

“Our threat management information is an incredible lake of threat information, and we have now made it fully available to these very vulnerable IoT devices,” Young said. “Before, we had parts of this available for TMIS, but not the whole thing, because we didn’t make it completely accessible with a full SDK approach. This is something that has been a common issue across IoT products. IoT products have instead been very focused on a behavioral model, so didn’t use this kind of resource.” The Smart Protection Network adds elements like a Web Reputation Service and IoT Reputation Service which block visits to malicious URLs and websites.

The system console has received a major upgrade.

“The console now has the ability to deploy virtual patches, and has what is essentially a health monitor,” Young indicated. “It was very basic before, but now it provides a full health check.” Reports on vulnerabilities, virtual patch deployment and more are now emailed to administrators and device makers, to provide more flexible management capabilities.

Young said that the greater flexibility and customization capabilities in this release from things like an improved installation script will make TMIS easier for Trend channel partners to use and to sell.

“We’ve always had strong OT [Operational Technology] partnerships with this, around relationships to manufacturers,” he said. “But we have had our traditional channel give us an ask to help them do more. It’s hard for them to make money doing custom releases. That’s where these SDK capabilities, which will make it easier to integrate and to automate, will be important. They will enhance partner opportunities, and provide a much faster time to sale without the need for custom engagements.”

IoT devices have traditionally relied on things that were once more central to IT security than they are today, like Application Whitelisting, Hosted IPS  and System Vulnerability Scanning, and these remain core parts of TMIS.

“Something like whitelisting hasn’t been a leading item in conventional IT security,” Young noted. “In IOT security though, it tends to be a leading requirement.”