Auditing Of IoT Devices

Presented at BSidesLV 2017, July 26, 2017, 2 p.m. (235 minutes)

In this workshop we will show a workflow to analyze security posture of an IoT device. We will start with a high level evaluation of architecture of solution (IoT device - mobile app - cloud) and proceed to specific techniques and tools most effective for vulnerability search on IoT devices. Information shared in this workshop will allow you to quickly identify vulnerabilities present in your device using a set of documented actions.

Presenters:

• Vladimir Zakharevich - Sr. Security Researcher - SpiderLabs Team at Trustwave
  Vladimir Zakharevich is a Senior Security Researcher at Trustwave SpiderLabs, based out of New York. At SpiderLabs he is working on vulnerability research and product development of vulnerability assessment software. His focus is security of IoT, mobile applications and databases. He is also interested in the impact of IoT devices on privacy. In his spare time, Vladimir keeps busy tinkering with inventions, learning by taking things apart, honing his coffee-making skills and tirelessly pursuing strange foods.
• Martin Rakhmanov - Security Research Manager - Trustwave
  Martin Rakhmanov is a Security Research Manager at Trustwave SpiderLabs where his focus is database vulnerability research and product development.

Links:

• https://bsideslv2017.sched.com/event/BNFM/auditing-of-iot-devices

Tags:

• IoT

Similar Presentations:

• NolaCon 2017 / Hacking the IoT: A Case Study
• THOTCON 0xA (2019) / When Refrigerators Attack - Defending (and weaponizing) IoT
• Black Hat Europe 2019 / Sneak into Your Room: Security Holes in the Integration and Management of Messaging Protocols on Commercial IoT Clouds