ES-2010 "Exploit” The State of Embedded Web Security in IoT Devices !

Presented at Texas Cyber Summit 2019, Oct. 11, 2019, 2:30 p.m. (60 minutes)

Threats in IOT space are increasing at an exponential scale. One of the stringent issue encountered in the IoT devices is the management and deployment of embedded web servers and security controls associated with them. A number of security flaws exist due to the inability of imposing strong authentication and authorization controls at the granular level. In addition, bad design practices result in giving birth to inherent vulnerabilities. This talk highlights the state of security in embedded web servers by presenting undisclosed vulnerabilities in IOT devices. Additionally, the talk unveils how the embedded web servers used in IOT devices are exploited by adversaries to trigger advanced cyber attacks. There will be demonstrations and associated proof of concepts codes will be released.


  • Aditya K Sood - Symantec
    Dr. Sood is an information security practitioner and researcher by profession. Dr. Sood has research interests in malware automation and analysis, cloud security, secure software design and cybersecurity. He is also a founder of SecNiche Security Labs, an independent web portal for sharing research with security community. He has authored several papers for various magazines and journals including IEEE, Elsevier, CrossTalk, ISACA, Virus Bulletin, Usenix and others. His work has been featured in several media outlets including Associated Press, Fox News, The Register, Guardian, Business Insider, Kaspersky Threatpost, CBC and others. He has been an active speaker at industry conferences and presented at BlackHat, DEFCON, HackInTheBox, RSA, Virus Bulletin, OWASP and many others. Currently, Dr. Sood directs the security efforts for Symantec. Dr. Sood obtained his Ph.D from Michigan State University in Computer Sciences. Dr. Sood is also an author of "Targeted Cyber Attacks" book published by Syngress.


Similar Presentations: