|By Peter Silva||
|August 17, 2014 08:15 PM EDT||
The Open Web Application Security Project (OWASP) is focused on improving the security of software. Their mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks and their OWASP Top 10 provides a list of the 10 Most Critical Security Risks. For each risk it provides a description, example vulnerabilities, example attacks, guidance on how to avoid and references to OWASP and other related resources. Many of you are familiar with their Top 10 Most Critical Web Application Security Risks. They provide the list for awareness and guidance on some of the critical web applications security areas to address. It is a great list and many security vendors point to it to show the types of attacks that can be mitigated.
Now the Internet of Things (IoT) has its own OWASP Top 10.
If you’ve lived under a rock for the past year, IoT or as I like to call it, the Internet of Nouns, is this era where everyday objects – refrigerators, toasters, thermostats, cars, sensors, etc – are connected to the internet and can send and receive data. There have been tons of articles covering IoT over the last 6 months or so, including some of my own.
The OWASP Internet of Things (IoT) Top 10 is a project designed to help vendors who are interested in making common appliances and gadgets network/Internet accessible. The project walks through the top ten security problems that are seen with IoT devices, and how to prevent them.
The OWASP Internet of Things Top 10 – 2014 is as follows:
- 1 Insecure Web Interface
- 2 Insufficient Authentication/Authorization
- 3 Insecure Network Services
- 4 Lack of Transport Encryption
- 5 Privacy Concerns
- 6 Insecure Cloud Interface
- 7 Insecure Mobile Interface
- 8 Insufficient Security Configurability
- 9 Insecure Software/Firmware
- 10 Poor Physical Security
You can click on each to get a detailed view on the threat agents, attack vectors, security weaknesses, along with the technical and business impacts. They also list any privacy concerns along with example attack scenarios. Good stuff!
- The Icebox Cometh
- The Applications of Our Lives
- Standards for ‘Things’
- Securing the Internet of Things: is the web already breaking up?
- 4 things that will happen in the Internet of Things space in 2014
- Tech’s brightest unconvinced by internet of things
- OWASP Internet of Things Top 10
|Connect with Peter:||Connect with F5:|
The IoTs will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform. In his session at @ThingsExpo, Craig Sproule, CEO of Metavine, will demonstrate how to move beyond today's coding paradigm and share the must-have mindsets for removing complexity from the development proc...
May. 5, 2016 06:00 PM EDT Reads: 1,022
We’ve worked with dozens of early adopters across numerous industries and will debunk common misperceptions, which starts with understanding that many of the connected products we’ll use over the next 5 years are already products, they’re just not yet connected. With an IoT product, time-in-market provides much more essential feedback than ever before. Innovation comes from what you do with the data that the connected product provides in order to enhance the customer experience and optimize busi...
May. 5, 2016 06:00 PM EDT Reads: 1,354
May. 5, 2016 05:00 PM EDT Reads: 1,262
May. 5, 2016 05:00 PM EDT Reads: 1,355
May. 5, 2016 04:00 PM EDT Reads: 755
May. 5, 2016 04:00 PM EDT Reads: 1,177
May. 5, 2016 03:45 PM EDT Reads: 705
May. 5, 2016 03:00 PM EDT Reads: 1,166
May. 5, 2016 02:45 PM EDT Reads: 1,057
May. 5, 2016 02:39 PM EDT Reads: 258
May. 5, 2016 02:30 PM EDT Reads: 1,200
May. 5, 2016 02:30 PM EDT Reads: 1,482
May. 5, 2016 01:45 PM EDT Reads: 749
May. 5, 2016 01:30 PM EDT Reads: 1,131
May. 5, 2016 01:30 PM EDT Reads: 575