
OWASP IoT Top 10 as Seen Through Honeypots (ハニーポットで見るOWASP_IoT_TOP10.pdf)

TK
March 09, 2019


These are the slides used at the 6th Honeypotter Technical Exchange Meeting.


Transcript

  1. @ookura1978, https://tk-secu.hateblo.jp/, OWASP Nagoya
  2. OWASP IoT TOP10: The Open Web Application Security Project, IoT TOP10
  3. I1 Weak, Guessable, or Hardcoded Passwords
  4. I2 Insecure Network Services
  5. I5 Use of Insecure or Outdated Components; I4 Lack of Secure Update Mechanism
  6. I6 Insufficient Privacy Protection; I7 Insecure Data Transfer and Storage; I8 Lack of Device Management
  7. I9 Insecure Default Settings
  8. I10 Lack of Physical Hardening
  9. Fin