IoT is being rapidly adopted across healthcare, manufacturing, critical infrastructure and other industries across the Middle East, enabling numerous benefits for businesses and customers. However, this technology can also create new – and sometimes hidden – cybersecurity risks. Abdulaziz Alajlan, Account Executive, Asimily, discusses how the company is helping regional enterprises secure their connected devices while maintaining operational continuity through its strategic partnership with AmiViz.
As one of the fastest-growing cybersecurity companies globally, what sets Asimily apart from other IoT security solutions on the market?
We’ve been growing quickly by taking a unique risk-based approach to IoT device security. Many solutions simply identify vulnerabilities – but that isn’t all that helpful when teams are overwhelmed by vulnerability alerts that may be something important or benign. Instead, our platform uses advanced Machine Learning to know which vulnerabilities actually pose real-world risks to your organisation.
IoT devices typically have multiple vulnerabilities, but only 5-10% have genuine exploit risks based on their use case, network configuration and other variables. Particularly as IoT device fleets scale, directed focus is more important than ever.
Our platform’s ability to passively scan devices without disrupting critical operations is particularly valuable for organisations in the Middle East, where we’re seeing rapid IoT adoption across healthcare, manufacturing, critical infrastructure and other industries. Through our strategic partnership with AmiViz, we’re helping regional enterprises secure their connected devices while maintaining operational continuity.
We also maintain the largest repository of device metadata, simulate real-world attack paths and provide clear remediation guidance. This allows organisations to focus their limited security resources where they matter most. Asimily easily integrates with existing security infrastructure, enabling businesses to strengthen their security posture without overhauling current investments. Particularly for enterprises managing complex technology environments, it’s a big deal to be able to add Asimily without affecting existing cybersecurity processes.
Could you give some examples of unknown or uncommon dangers that connected devices pose and how Asimily combats them?
One of the most overlooked dangers is how IoT devices often create hidden paths through a network. Take a smart HVAC system, for example. The system might seem isolated, but attackers can use it as an entry point to more critical systems through shared network connections. We’ve even seen cases where a smart coffee maker can provide access to sensitive enterprise data. Our platform specifically models these attack paths, showing you exactly how a threat actor might chain together multiple devices to breach your network.
Another underappreciated risk involves devices that are still communicating on deprecated protocols or running outdated firmware versions that the manufacturer no longer supports. Organisations often aren’t aware of these legacy issues until it’s too late. Asimily’s deep packet inspection identifies these vulnerable protocols and outdated systems, helping organisations understand which devices need immediate attention.
Also concerning is when devices that appear secure are actually misconfigured in ways that create security gaps. For example, we often find medical devices or industrial equipment using default credentials or sharing more data than necessary across network segments. Asimily is built to continuously monitor device behaviour and automatically flag these misconfigurations, providing specific remediation steps that won’t disrupt the device’s critical functions.
How does AI contribute to reducing vulnerabilities in devices 10x faster?
The scale of IoT deployments makes it impossible for security teams to manually analyse every potential vulnerability. This is where AI becomes a game-changer within our platform, by accelerating vulnerability reduction in several key ways.
First, AI within Asimily quickly processes vast amounts of device data to understand normal behaviour patterns. When analysing a network with thousands of connected devices, it can quickly identify which devices are communicating unusually, which are accessing unexpected resources, or which are operating outside their typical parameters. This automated behavioural analysis catches potential security issues that might take human analysts weeks or months to discover.
But where AI really drives the 10x faster reduction you mention is in prioritisation. Rather than just flagging every potential vulnerability, our AI evaluates real-world exploit potential by considering factors like network configuration, device placement, existing
security controls and known attack patterns. This means security teams can focus their limited time on the subset of vulnerabilities that present actual risk, rather than chasing down false positives or lower-priority issues. Particularly for resource-constrained organisations, the targeted approach that Asimily offers enables them to make meaningful security improvements much more quickly.
How does Asimily help organisations address third-party risks, especially with the increasing reliance on connected vendor devices?
Third-party device risk has become a major blind spot for many companies. When vendors connect their devices to your network – whether it’s your medical equipment supplier, your HVAC contractor, etc. – each connection potentially opens up a new security gap. Organisations often lack visibility into how these third-party devices behave and what they’re accessing.
Asimily addresses this challenge head-on in several ways. Our platform automatically discovers and classifies all connected devices, including third-party equipment and builds a detailed profile of each device’s (correct) operational parameters. This means you always know what vendor devices are on your network and whether they’re behaving as intended.
Most importantly, we help organisations manage vendor device risk through our real-time monitoring and risk assessment capabilities. For example, if a vendor’s device suddenly starts attempting unusual network connections or transferring unexpected amounts of data, our technology flags it immediately. We also provide vendor-specific risk context, such as identifying if a manufacturer has stopped supporting a device or if there are known vulnerabilities in a vendor’s equipment line. This intelligence helps organisations make informed decisions about which third-party devices to allow on their network and what restrictions to put in place.
How does Asimily’s toolset help security teams remain efficient when managing thousands of devices across complex environments?
Managing thousands of IoT devices efficiently comes down to automation and intelligent prioritisation. Security teams simply can’t manually track and assess every device and alert. It’s a challenge we see with customers like the big US healthcare system MemorialCare, which runs more than 52,000 connected devices across their network.
Our platform automates the heavy lifting. Asimily continuously monitors device behaviour, automatically flags anomalies and correlates potential threats across your entire device fleet. But beyond just monitoring, we help teams work smarter through
intelligent risk prioritisation. Instead of drowning in alerts, teams get clear guidance on which devices and vulnerabilities need immediate attention versus which ones can wait.
The platform also streamlines remediation workflows by providing clear, actionable steps for addressing vulnerabilities. This means teams spend less time investigating issues and more time actually fixing them.
Pre-purchase risk assessment is a unique offering. Could you tell us more about how this works and how it influences an organisations decision to purchase?
Organisations often discover security issues with new IoT devices only after they’ve already deployed them, which can lead to costly replacements or complex workarounds. Our pre-purchase risk assessment capability changes this dynamic by letting organisations evaluate security risks before purchasing and deploying a new device.
The process works by analysing detailed device specifications and comparing them against our extensive database of known vulnerabilities, security patterns and manufacturer track records. We assess factors like the device’s communication protocols, update capabilities, authentication methods and potential network impact. This gives organisations a clear picture of potential security gaps before deployment.
As IoT ecosystems evolve, what new challenges do you foresee and how is Asimily preparing to address them?
One big one is cybercriminals increasingly using AI to automate attacks, making them more sophisticated and harder to detect. At the same time, organisations are rapidly expanding their IoT deployments, particularly in critical infrastructure and industrial settings where any security breach can have serious real-world consequences.
We’re staying ahead of these challenges by continuously enhancing our Machine Learning capabilities to detect and respond to emerging threat patterns. We’re also expanding our device knowledge base to support new types of IoT devices and protocols as they enter the market.
Device supply chain security is also becoming a growing concern. Organisations need to know not just whether a device is secure today, but whether its manufacturer has a history of addressing vulnerabilities and providing timely updates. Our pre-purchase risk assessment capabilities are specifically designed to address this growing challenge.
