Defender for IoT

Microsoft Defender for IoT is the security product for industrial control systems (ICS), operational technology (OT), and IoT devices — the non-traditional endpoints in manufacturing plants, energy facilities, healthcare equipment, building automation, and similar environments. Provides agentless discovery of OT and IoT devices via passive network monitoring, vulnerability assessment, threat detection (specific to industrial protocols like Modbus, DNP3, S7, BACnet), and integration with Microsoft Defender XDR for unified incident view. For organisations with significant OT or IoT footprint, Defender for IoT extends the Defender stack into a domain that traditional EDR (Defender for Endpoint) doesn't reach. Licensed per device per month.