Microsoft just acquired Maryland startup ReFirm Labs to boost IoT security capabilities

Microsoft is acquiring Maryland cybersecurity startup ReFirm Labs as it seeks to shore up security of the Internet of Things, the iconic tech company said on Wednesday.

Founded in 2017, Fulton-based ReFirm Labs’ technology is used to secure firmware, which is the software that powers the hardware in connected devices. Terms were not disclosed.

While building its own platform, ReFirm Labs has looked to raise awareness about the need for securing IoT devices — the connected devices that firmware powers. They are also becoming more ubiquitous in society due to increased use of internet-connected items in cities and everyday life, as well as in the sensors and systems that power businesses. It is also leading to fears among influential technologists and cybersecurity experts that their vulnerability to attacks is growing just as fast as their use.

Microsoft is among them. In a blog post announcing the deal, Microsoft Director of Enterprise and OS Security David Weston wrote that the company is acquiring ReFirm Labs’ to “enrich our firmware analysis and security capabilities across devices that form the intelligent edge, from servers to IoT.” He added that the team is bringing both expertise and technology to the tech mainstay.

“We are thrilled to take this next step with ReFirm Labs to proactively address what is already becoming the next big attack surface, firmware,” Weston wrote. “Together, will continue to provide innovation and value to our customers by helping them discover, monitor, and update all of their network-connected devices. The technology and expertise that ReFirm brings will be an incredible addition to Microsoft and help us continue to deliver on our commitment to protecting from the chip to the cloud.”

Microsoft also recently acquired CyberX, another company in the IoT security space.

ReFirm Labs’ journey dates back to 2010. That’s when the team of former National Security Agency cybersecurity pros behind the company created Binwalk, an open source tool used by security analysts to identify files and code in firmware. With Binwalk growing to be used by 50,000 orgs, in 2017 cofounders Terry Dunlap and Peter P. Eacmen III spun ReFirm Labs out of services company Tactical Network Solutions as it sought to bring IoT security tools to large organizations through its platform, called Centrifuge.

As CEO Derick Naef told Technical.ly in 2019, ReFirm Labs’ platform allows companies to analyze the components of a device that are coming from factories and other parts of a supply chain. The company’s technology provides images of the firmware, and allows users to identify potential vulnerabilities. The idea is that the component makers will see these gaps and address them before they’re shipped out, and before attackers do.

ReFirm Labs indicated that it had already worked with Microsoft prior to joining the team.

“As we worked with Microsoft it became clear that they shared the same vision and urgency around IoT Security with a comprehensive suite of solutions,” ReFirm Labs wrote in a blog post about the acquisition. “The Binwalk suite will add to Microsoft’s strategy to be the best in class solution for addressing IoT security challenges.”

ReFirm Labs raised $3.5 million, and the company has gotten support from local investors along the way. It was among the initial companies to receive support from DataTribe, the cyber-focused startup foundry based in Fulton that provides seed funding and resources to help technologists form companies. It also received funding from TEDCO, Maryland’s agency supporting early stage companies, as well as Virginia’s New Dominion Angels and Tysons Angels.

The deal delivers an exit to Maryland’s cybersecurity community, which has an active group seeking to build commercial startup prowess around the government-driven talent magnet at Fort Meade. With backing from resources like DataTribe and funding from TEDCO, a number of operators have formed companies in recent years after leaving the agency. This shows one such company completing the cycle.