Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Speaker Deck
PRO
Sign in
Sign up
for free
ハニーポットで見るOWASP_IoT_TOP10.pdf
TK
March 09, 2019
Technology
1
560
ハニーポットで見るOWASP_IoT_TOP10.pdf
第6回ハニーポッター技術交流会で使用した資料です。
TK
March 09, 2019
Tweet
Share
More Decks by TK
See All by TK
okura
3
250
okura
1
1.1k
Other Decks in Technology
See All in Technology
futo23
1
260
lmi
2
790
subroh0508
4
220
lancers_pr
4
1.4k
viva_tweet_x
1
350
xecus
0
170
raykataoka
9
7.6k
karabish
0
170
pohjus
1
740
clustervr
0
130
clustervr
0
160
opdavies
0
1.7k
Featured
See All Featured
chriscoyier
684
180k
samanthasiow
56
6.3k
brad_frost
157
6.4k
tmm1
61
9.2k
frogandcode
128
20k
bryan
100
11k
danielanewman
200
20k
lemiorhan
627
43k
eileencodes
113
25k
pauljervisheath
196
15k
jponch
103
5k
smashingmag
230
18k
Transcript
" OWASP IoT TOP10 ! ( $# ')%&
Ffi] u @ookura1978 u :9 ?68e C/G) u g^$VL
:9 ?68$ad!QPMJ =B1 2-; 40@A7,%'& https://tk-secu.hateblo.jp/ OWASP Nagoya356<$Zb#Wh u "#!:9 ?68!% cK#j_ SR& "$ `[H"!%&&kNE +.8>68%*( !U& O6I:9 ?65 Y\TXD
OWASP IoT TOP10$' The Open Web Application Security
Project $ *9@- />B&1,=@4+%J) :?B4+*RMNL IoT/04<&1,=@4+F&YOG]TOP10 # KI .B9A$"[\ 87 ;36&SQ' XE& 87 ;36%U(! HCHC(#&5 2# P6I87 ;32 WZTVD
I1Weak, Guessable, or Hardcoded Passwords
> 2)(+6 =;50! *$,'". @<?74)'#'! *$,' 16/)(+&%9:38-
I2Insecure Network Services ! $#
8<% IoT$A .+,2 '( 0) &% " 6 3 639 &65D;E!# CBF" :67/- 1+* ?@=>4
I3 Insecure Ecosystem Interfaces A A
I W AP e T b6
I5Use of Insecure or Outdated Components *" (#
,) 7;+* ?>/, % .- ( &$ ?>/ =< $!'3) 50 .4=< 2 I4Lack of Secure Update Mechanism /!' !+( ,) 16-%#&" 9:68(
I6Insufficient Privacy Protection 8 0-A>17' 7' !$)9 2( :4
I7Insecure Data Transfer and Storage D@#,*?C5 #,36&<;. :4 I8Lack of Device Management /'"7'%+7'=B7'C5 :4 6
I9Insecure Default Settings (. %! )$ +*
H 8&%(? #' -, ) "& IoT64D #'*$50>3 /-2B #+ $)'*:90 FE ;G .= 761&%("!AC<@,
I10Lack of Physical Hardening
?57> 3EUSB*& A HFG.6)' > :2/"!+,%8= @4 0; 961)(*$#CD<B-
TW A 0 A I A 0 0 1 O
A A A 0 A A P A TS A o 0 Fin 6 TS