Known vulnerabilities in IoT and motivations
Module duration: 2 hours
Module overview
This training module covers different IoT security vulnerabilities starting from real case attacks that occured on several IoT devices. Leveraging the OWASP Internet of Things Project as reference security framework, we present each class of IoT vulnerability and a real case attack which exploited it. Finally, we suggest several security requirements that aim to mitigate the explored security issue.
Objective of this module
The goal of this module is to explore the world of IoT devices, focusing on their vulnerabilities. It is done following the OWASP IoT Top 10, i.e., the most common vulnerabilities affecting the IoT devices, with the aim of showing what an IoT device manufacturer must consider and some ways to mitigate their effects.
What you will learn:
01.
What an IoT device is
02.
Which are the OWASP Top 10 vulnerabilities on IoT
03.
How to secure an IoT device through the ISVS.
You will cover:
This module covers the following topics:
• Introduction to the IoT ecosystems
• Security attack surface of IoT
• Exploration of the most common IoT flows, following the OWASP Top 10 vulnerabilities
• Description of real-case scenario attacks
• Presentation of OWASP framework for securing IoT devices
This module is
intended for:
The target of this module is suppliers of IoT devices, as well as developers and technical figures who will directly act in the production, testing, and realization of such devices. It can also be a way to broaden personal knowledge about IoT and real cases of attacks on them, which exploit some common vulnerabilities.
