Standalone micro agent overview

Security is a near-universal concern for IoT implementers. IoT devices have unique needs for endpoint monitoring, security posture management, and threat detection – all with highly specific performance requirements.

Note

Defender for IoT plans to retire the micro agent on August 1, 2025.

The Microsoft Defender for IoT security agent allows you to build security directly into your new IoT devices and Azure IoT projects. The micro agent has flexible deployment options, including the ability to deploy as a binary package or modify source code, and it's available for standard IoT operating systems like Linux and Eclipse ThreadX.

The Microsoft Defender for IoT micro agent provides endpoint visibility into security posture management, threat detection, and integration into Microsoft's other security tools for unified security management.

Security posture management

Proactively monitor the security posture of your IoT devices. Microsoft Defender for IoT provides security posture recommendations based on the CIS benchmark, along with device-specific recommendations. Get visibility into operating system security, including OS configuration, firewall configuration, and permissions.

Endpoint IoT and OT threat detection

Detect threats like botnets, brute force attempts, crypto miners, and suspicious network activity. Create custom alerts to target the most important threats in your unique organization.

Flexible distribution and deployment models

The Microsoft Defender for IoT micro agent includes source code, allowing you to incorporate the micro agent into firmware, or customize it to include only what you need. The micro agent is also available as a binary package, or integrated directly into other Azure IoT solutions.

Meets the needs of your IoT devices, with minimal impact

The Microsoft Defender for IoT micro agent is easy to deploy, and has minimal performance impact on the endpoint. With Defender for IoT micro agent you can:

  • Optimize for performance: The Microsoft Defender for IoT micro agent has a small footprint and low CPU consumption.

  • Plug and Play: There are no specific OS kernel dependencies or support necessary for all major IoT operating systems. The Microsoft Defender for IoT micro agent meets your devices where they are.

  • Flexible deployment: As a standalone agent, The Microsoft Defender for IoT micro agent supports different distribution models and flexible deployment.

Next steps

Check your Micro agent authentication methods.