EDR solutions ensure an organization's endpoints are running properly by monitoring and troubleshooting tech on the network. Compare the top tools now.
EDR solutions ensure an organization's endpoints are running properly by monitoring and troubleshooting tech on the network. Compare the top tools now.
IoT security is where endpoint detection and response (EDR) and enterprise mobility management (EMM) meet the challenges of a rapidly expanding edge computing infrastructure. As the enterprise attack surface grows, IoT is yet another attack vector organizations aren’t fully prepared to defend. Internet of Things (IoT) devices are the smart consumer and business systems powering […]
eSecurity Planet content and product recommendations are
editorially independent. We may make money when you click on links
to our partners.
Learn More
IoT security is where endpoint detection and response (EDR) and enterprise mobility management (EMM) meet the challenges of a rapidly expanding edge computing infrastructure. As the enterprise attack surface grows, IoT is yet another attack vector organizations aren’t fully prepared to defend.
Internet of Things (IoT) devices are the smart consumer and business systems powering the homes, factories, and enterprise processes of tomorrow. By year-end, total IoT device installations will surpass 35 billion and extend to 55 billion by 2025.
Enterprise organizations recognize this shift and need to invest in device management and endpoint security capabilities. In 2016, $91 million was spent on IoT endpoint security solutions. Five years later, that number has skyrocketed to $631 million. With the growth of segments like industrial IoT (IIoT), Internet of Medical Things (IoMT), and industrial control systems (ICS), IoT security will continue to be critical to business continuity, vulnerability management, and threat remediation.
This article looks at the top IoT security solutions, current commercial features, associated risks, and considerations for organizations choosing an IoT vendor.
Launched in 2015, Armis Security specializes in providing agentless IoT security for today’s enterprise infrastructure. The Armis Platform offers the behavioral analysis of billions of devices to inform the Armis Device Knowledgebase, which monitors and alerts administrators to anomalies in IoT device traffic. With Armis Standard Query (ASQ), operators can search and investigate vulnerabilities, services, and policies for managed and unmanaged devices, applications, and networks. As enterprises increasingly take on risks associated with IoT deployment, Armis Asset Management is the vendor’s separate solution providing visibility into devices across the hybrid infrastructure.
Armis’ solutions include cybersecurity asset management, OT security, ICS risk assessment, zero trust, and more. Armis was acquired at a $1 billion price tag by Insight Partners in January 2020, joining Insight’s other cybersecurity subsidiaries like SentinelOne, Perimeter81, Mimecast, and Tenable.
Armis Features
Agentless, passive monitoring for seamless integration into existing infrastructure
Robust device contextual details like model, IP/MAC address, OS, and username
Considering the IT giant’s network infrastructure and cybersecurity chops, it’s no surprise that Broadcom Symantec is also a leader in the IoT security market. Symantec’s Integrated Cyber Defense security bundles (XDR, SASE, and zero trust) contain all the necessary tools for monitoring and securing IoT devices.
Broadcom also offers a location hub microcontroller and System-on-a-Chip (SoC) systems for embedded IoT security for organizations handling product manufacturing. Explicit to the risks posed by IoT deployment, Symantec ICS Protection provides organizations with an enforcement driver, advanced ML, and threat intelligence. At the same time, Symantec CSP offers application allowlisting, system hardening, and anti-exploit techniques.
Broadcom Features
Embedded IoT security for seamless over-the-air (OTA) management
Powerful analytics engine for processing millions of IoT events
Support for managed and unmanaged devices across hybrid infrastructures
Monitor IoT performance for cloud, APIs, apps, devices, networks, and more
Global threat intelligence informing endpoint policies and provisioning
Advertisement
Cisco
Enterprise networking vendor Cisco took a big step into the future of industrial security with the acquisition of French IoT company Sentryo, rebranded as Cyber Vision, in 2019. The resultant synergy has been optimal visibility into ICS networks through an adaptive edge monitoring architecture alongside Cisco’s existing security stack. In addition to Cyber Vision, the Cisco IoT Threat Defense also includes firewalls, identity service engines (ISE), secure endpoints, and SOAR.
Cisco’s industrial threat defense strategy helps organizations assess risk, identify relationships between systems, and deploy microsegmentation in the name of zero trust. Security administrators gain needed context into IoT and OT security events to leverage existing policies. The Forrester Wave for ICS Security Solutions released earlier this month for Q4 2021 placed Cisco atop the ICS/OT security industry.
Cisco Features
Real-time visibility into industrial assets, communications patterns, and app flows
Seamless integration with SOC platforms and SIEM and SOAR systems
Alerts for hardware and software vulnerability detection and response
Deployable as embedded equipment or an out-of-band SPAN collection network
Deep packet inspection (DPI) for understanding context around behavior
Advertisement
Cradlepoint
Since 2006, Cradlepoint has grown into a dominant WAN, edge networking, and cloud solutions provider and was acquired by Ericsson in September 2020 for $1.1 billion. The Boise, Idaho-based vendor’s IoT solution is a part of its NetCloud Service, offering LTE and 5G-compatible wireless edge routers with a web-based platform to manage edge traffic and IoT services.
NetCloud for IoT offers remote management, dynamic routing protocols, zone-based firewalls, and extensibility for securing edge environments. Cradlepoint works with a universe of IoT devices, including medical equipment and smart buildings to kiosks and digital signage.
Cradlepoint NetCloud for IoT Features
Dashboard offering visibility into accounts, groups, devices, usage, and analytics
Connection manager offering WAN optimization, failover, and load balancing
Routing capabilities for static and policy routes, traffic steering, and IP verification
Support for IPv4 and IPv6, Quality of Service (QoS), and IP passthrough mode
Advanced tools like in-band and out-of-band management and map locations
With five decades of experience working with distributed technology solutions, Entrust is a market leader in certificate issuance, identity management, and digital security systems trusted globally by governments, banks, and enterprises. Entrust IoT Security relies on the vendor’s industry-recognized Public Key Infrastructure (PKI) solution. Entrust PKI includes Certificate Hub for granular control of digital certificates, Managed PKI Services to outsource certificate issuance and management, or Entelligence Security Provider for automating enterprise ID management. Entrust can secure the sensitive transactions needed for business continuity for enterprises and industrial organizations deploying IoT devices.
Beyond Entrust’s comprehensive device management offerings, its explicit edge device management products are IoT Identity Issuance and IoT Identity Management. These agent-based solutions can quickly onboard and configure new IoT devices and facilitate secure communication between apps, users, and appliances.
Entrust Features
User-friendly portal for managing certificates from remote locations
Twenty years after its launch, Forescout is an industry leader in monitoring, analyzing, and securing the IoT and OT systems commonly dubbed the Enterprise of Things. Forescout’s IoT Security solution recognizes the value of zero trust principles and works to establish micro-perimeters for specific network segments, obfuscation techniques, and granular user privileges and access.
As a budding zero trust industry leader, the San Jose-based vendor can help manage risk across the hybrid infrastructure, including unmanaged services, Internet of Medical Things (IoMT) devices, and all IP-connected systems. As to how far the vendor has come – Forescout was acquired last year at a valuation of $1.9 billion by a private equity firm.
Forescout IoT Security Features
Provision IoT devices by network segment with dynamic, behavior-based policies
Agentless monitoring that can discover all physical or virtual IP-connected devices
Access to the Forescout Device Cloud with over 12 million device risk profiles
Discover all-IP connected physical and virtual machines in real-time
Automate configuration management database (CMDB) for replication
Advertisement
Fortinet
Fortinet is addressing the newest frontier of cybersecurity with its FortiGuard IoT Service. With enterprise capacity, FortiGuard IoT processes 1.2 billion queries daily from thousands of new and existing devices. Leaning on its existing security stack, Fortinet’s strategy for addressing edge risk combines its next-generation firewall (FortiGate) and NAC (FortiNAC) in a lightweight SaaS solution. With LAN Edge, organizations can implement their SD-WAN strategy while bolstering edge networks.
FortiNAC is the vendor’s zero trust access solution providing agentless scanning, microsegmentation, and a multitude of profiling methods to determine the identity of devices. Fortinet firmly believes in a fabric-based approach to IoT security to manage the distributed threat posed by IP-enabled devices.
Fortinet Features
Easy, automated onboarding for apps, users, and devices across infrastructure
User and device profiling and denial of unsecured devices
Compatible with 150 vendors offering flexibility with network device configurations
Industry-leading NGFW for physical, virtual, and cloud systems
Access to threat intelligence and research from FortiGuard Labs
Advertisement
JFrog
When it comes to end-to-end DevOps solutions, JFrog has been a notable vendor for almost a decade. With the acquisitions of Vdoo and Upswift over the summer, the Israeli-American software lifecycle company can continuously update and secure IoT devices as a budding DevSecOps solution. JFrog offers visibility across application and service lifecycles and can inform and automate security strategies addressing edge traffic and machines.
The JFrog Platform relies on a universal binary repository that records all dependencies, builds artifacts, and releases management details. This basis provides high availability and seamless multi-site replication for managing increasingly complex software deployments. For security and compliance, JFrog offers software composition analysis (SCA) for analyzing third-party and open source software, capable of scanning all major package types alongside a full REST API for seamless integration into existing infrastructure.
JFrog Features
Support for on-premises, cloud, multi-cloud, or hybrid deployments
Configure artifact metadata and search by name, archive, checksum, or properties
Index and scan package types like Go, Docker, Python, npm, Nuget, and Maven
Vulnerability intelligence to alert and inform remediation of bugs
24/7 support from the JFrog Research & Development team
To guard an increasing number of IoT devices against brute force attacks, server application vulnerabilities, and escalated access, Overwatch specializes in IoT security through its ThreatWatch solution. Hailing from Little Switzerland (North Carolina), the vendor launched in 2015 to address the era of SD-WANs and edge connectivity. Threatwatch offers organizations security management analytics for network devices, threat monitoring, and resolution capabilities, as well as a visual map of all active connections.
For devices, the Overwatch agent is an edge-deployed security monitoring solution communicating with the Threatwatch platform to provide administrators with real-time traffic analysis. Administrators have visibility into active connections and can take remediation actions like rebooting or device locking when appropriate.
Overwatch Features
Easy-to-use web interface for central management of agents and devices
Lightweight, discreet agent resilient enough to block exploits
API for communicating real-time threat assessment and mitigation to device agents
Administrative access to analytics, data storage, and assessments
Configure security policies for IoT devices and clusters with specific criteria
Advertisement
Palo Alto Networks
Palo Alto Networks is one of the most innovative global cybersecurity vendors, and its IoT strategy is no different. A part of Palo Alto’s Network Security vertical, the vendor approaches edge management with the IoT Security Lifecycle. All organizations must understand, assess, and mitigate IoT risks, detect known threats, and respond to anomalies. PAN’s IoT security framework includes EDR, ZTNA, vulnerability management, asset management, and NAC to provide end-to-end visibility.
With the vendor’s built-in playbooks, administrators can instantly resolve IoT security risks like resource-intensive API-led integrations and manual processes for ticket creation. In a single platform, it’s challenging to compete with the monitoring, prevention, and response capabilities PAN provides.
Palo Alto Networks IoT Security Features
Pre-built integrations for existing IT systems like NAC, SIEM, and ITSM
Machine learning and telemetry to inform risk assessment and remediation
Lightweight cloud-delivered security service for easy deployment
NAC or NGFW implementation for building a zero trust infrastructure
Enhanced investigation and threat response for IT, IoT, OT, and Bluetooth devices
Advertisement
PTC
PTC is a longtime provider of computer-aided design (CAD) and product lifecycle management (PLM) software, and almost four decades after its launch, the vendor continues to serve industrial needs with the latest tech like augmented reality (AR) and IIoT solutions. PTC offers the ThingWorx Industrial IoT Solutions Platform as a bundle of tools or standalone solutions for IoT security.
Through Kepware and the ThingWorx Kepware Server, organizations can securely connect to OT systems, equipment, and plants typically siloed in niche protocols. Administrators can configure firewall policies by assigning access and permissions based on user roles. PTC’s solutions provide the necessary visibility and flexibility to deploy and manage hybrid, cloud, and on-premises systems.
PTC ThingWorx Features
Remote asset monitoring, alerts, and analysis of trends in traffic and systems
Pre-built apps and developer tools for deploying IoT applications
Performance monitoring and management provides real-time analysis
Machine-to-machine (M2M) linking, logic, and communication functionality
Mitigate inefficiencies or risks posed by legacy industrial systems
Advertisement
Trustwave
Chicago-based Trustwave is a leading managed security service provider (MSSP) with billions of security events logged every day. Twenty years in, the cybersecurity vendor has a global presence and the expertise to manage detection and response, security systems, compliance, applications, and databases.
Trustwave offers IoT security for implementers and manufacturers with the software and applications needed to monitor devices and the embedded components to extend protection to hardware. For implementer services, the vendor offers managed IoT monitoring and managed security testing for validating embedded systems. Product developers and manufacturers can conduct IoT product testing, including incident response.
Trustwave Features
Penetration testing for investigating vulnerabilities of apps, servers, IoT, and cloud
Scan and track all IP-enabled devices for adequate access control
Personalized approach for managing organizations IoT systems and associated data
Operational resilience with managed and automated compliance functionality
Access to vulnerability, threat, and exploit experts with Trustwave SpiderLabs
Advertisement
What Are IoT Security Solutions?
IoT security solutions are the software and embedded tools used to monitor edge devices, proactively detect threats, and facilitate remediation. As such, current IoT security solutions are a mix of standalone and bundle plans that include existing tools like EDR, encryption, IAM, EMM, and more to protect connected devices and networks.
What Are IoT Devices?
IoT is the broad label given to all devices capable of communicating with each other, often at short range with unique identities and few components outside its operational intent, including security features. Because of this, several organizations are building security into a new generation of IoT devices (embedded security) while other vendors offer agent-based software to monitor and protect IoT devices.
Examples of IoT devices include most consumer smart systems, autonomous machinery and vehicles, office appliances, and a multitude of healthcare devices.
Advertisement
Considerations for Choosing an IoT Security Solution
How does the solution isolate IoT devices and access from critical segments?
What protocols and tools are available for secure transactions? (TLS, encryption, Auth0)
Are there embedded or built-in IoT security requirements to address exposure?
What policy controls can administrators configure for unmanaged devices or users?
Does the solution issue and manage secure credentials like PKI and code signatures?
Can solution operators identify, categorize, and provision new devices?
How does the solution establish trust between devices? (e.g., key injection or HSMs)
IoT Security Solution Features
Network scanning, device identification, and discovery of active connections
Identify users, data, devices, locations, and more to identify and assess risk categories
Threat intelligence informs the status of malware and available patches
Security gateways to isolate network segments between ports, servers, and IoT devices
Baseline responses to anomalous behavior for individuals or clusters of devices
Define and enforce policies across device and access types for hybrid infrastructures
Automated onboarding, configuration, and threat response policies for new IoT devices
Certificate issuance and management for granting secure credentials and access
Because securing IoT devices is a budding cybersecurity segment, the above list is not all-encompassing, and several vendors present unique approaches to addressing IoT security challenges.
Advertisement
IoT Device Risks and Vulnerabilities
Once isolated from other devices and an organization’s larger IT environment, IoT devices like sensors, doorbells, and printers are now at risk of compromise. With proper segmentation, organizations can avoid access to an IoT device turning into something more, but that won’t stop threat actors from using the device and others like it in a botnet attack.
Other identified risks associated with IoT device management include:
Insufficient security or data protection capabilities for devices
Inability to add additional security software
Insecure interfaces easily accessible to a persistent threat
Poor password protection with default credentials staying put
Unreliable patch or update mechanism
Nonexistent or lacking inventory of IoT devices or monitoring IoT traffic
A gap in IoT security management skills for edge systems
Disparate management of IoT and OT systems creating data silos
Advertisement
IoT Security: Not Going Away
The proliferation of IoT devices means securing the next generation of IT environments will require IoT-specific security strategies and solutions. Organizations actively deploying IoT devices should be prudent about the security risks of insecure edge devices and proceed with caution.
Organizations need to visualize IoT assets under management, profile their risk, apply adequate protections, and monitor IoT traffic for unknown threats. Like so much else in cybersecurity, visibility informs action and strategy – making the upfront work of selecting an IoT security solution or assembly a strategy that much more valuable in avoiding unnecessary risk.
Sam Ingalls is an award-winning writer and researcher covering enterprise technology, cybersecurity, data centers, and IT trends, for eSecurity Planet, Tech Republic, ServerWatch, Webopedia, and Channel Insider.
Proxy vs VPN: Learn the key differences, benefits, and use cases of proxies and VPNs. Find out which option best fits your privacy, security, and browsing needs.
Discover the best email security software options and the top features offered to protect against threats and ensure secure communications. See our reviews here.
Skip the traps. Discover the top free VPNs of 2025, featuring no logs, unlimited bandwidth, and regular audits, where available. Tested, secure, and ready to use.
eSecurity Planet is a leading resource for IT professionals at large enterprises who are actively researching cybersecurity vendors and latest trends. eSecurity Planet focuses on providing instruction for how to approach common security challenges, as well as informational deep-dives about advanced cybersecurity topics.
Advertiser Disclosure: Some of the products that appear on
this site are from companies from which TechnologyAdvice
receives compensation. This compensation may impact how and
where products appear on this site including, for example,
the order in which they appear. TechnologyAdvice does not
include all companies or all types of products available in
the marketplace.
