IoT is a rapidly growing industry with thousands of new devices being released each month. With such a race to market, security is often an after-thought, leading to exploitable vulnerabilities that place user data and organizational infrastructure at risk. Securing IoT devices and their support infrastructure must take a “baked-in,” not “bolted-on” approach. Abricto Security will assess IoT devices to identify all attack surface areas. We then attempt to breach the device’s data, compromise its operating system and ultimately intercept its communications.
Areas of Focus:
- Data Encryption
- Physical and Logical Management Interfaces
- Data Transmission Security
- Embedded OS Security Configurations
- 3rd Party Dependencies and Integrat
- Update Mechanisms
- Executive summary outlining current IoT security posture.
- Technical report detailing access obtained, tools and methods used.
- Walk-through of exploitation scenarios.
- Assessment artifacts including captured communications, dumped firmware and configuration files.