Upgrade to Pro — share decks privately, control downloads, hide ads and more …

ハニーポットで見るOWASP_IoT_TOP10.pdf

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for TK TK
March 09, 2019
Technology
1k
1

 ハニーポットで見るOWASP_IoT_TOP10.pdf

第6回ハニーポッター技術交流会で使用した資料です。

Avatar for TK

TK

March 09, 2019

More Decks by TK

See All by TK
サイバーセキュリティとISMS
Avatar for TK okura
3
360
オワスプナイトナゴヤ#2 LT資料
Avatar for TK okura
1
2.2k

Other Decks in Technology

See All in Technology
新しいUbuntu/GNOMEが使いたいからXからWaylandへ移行頑張ってるの巻 2026-06-20
Avatar for Nobuto Murata nobutomurata
0
130
中期計画、2回作ってみた ~業務委託と正社員、両方の視点から~
Avatar for 株式会社出前館 demaecan
1
890
2026TECHFRESH畢業分享會 - AI 時代的人生存檔點
Avatar for LINE Developers Taiwan line_developers_tw
PRO
0
1.1k
【セミナー資料】Claude Code をセキュアに使うための考え方と設定の勘どころ / Claude Code Webinar 20260616
Avatar for MasahiroKawahara masahirokawahara
2
360
現地で盛り上がった WWDC26 Keynote
Avatar for ZOZO Developers zozotech
PRO
1
250
Agent Skills設計で柔軟性と硬さのバランスが難しい話
Avatar for nassy nassy20
0
130
Oracle AI Database@Azure:サービス概要のご紹介
Avatar for oracle4engineer oracle4engineer
PRO
6
2k
200個のGitHubリポジトリを横断調査したかった
Avatar for Issei.Komori icck
0
130
2026 TECHFRESH 畢業分享會 - AI-Native 重塑軟體工程與虛擬講師
Avatar for LINE Developers Taiwan line_developers_tw
PRO
0
1.1k
iAEONの段階的リアーキテクト戦略 / iAEON's_Gradual_Re-architecture_Strategy
Avatar for AEON aeonpeople
0
140
2026年6月23日 Syncable Tech + Start Python Club にて
Avatar for Kimikazu Kato hamukazu
0
120
就職⽀援サービスにおけるキャリアアドバイザーのシフトスケジューリング
Avatar for Recruit recruitengineers
PRO
1
150

Featured

See All Featured
Lessons Learnt from Crawling 1000+ Websites
Avatar for Charles Meaden charlesmeaden
PRO
1
1.3k
Taking LLMs out of the black box: A practical guide to human-in-the-loop distillation
Avatar for Ines Montani inesmontani
PRO
3
2.3k
How To Speak Unicorn (iThemes Webinar)
Avatar for Michelle Schulp Hunt marktimemedia
1
480
It's Worth the Effort
Avatar for 3n 3n
188
29k
Exploring the relationship between traditional SERPs and Gen AI search
Avatar for Ray Grieselhuber raygrieselhuber
PRO
2
4k
Agile Actions for Facilitating Distributed Teams - ADO2019
Avatar for Mark Kilby mkilby
0
210
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
Avatar for Eileen M. Uchitelle eileencodes
28
3.5k
KATA
Avatar for Megan Lloyd mclloyd
PRO
35
15k
Heart Work Chapter 1 - Part 1
Avatar for Lake Fama lfama
PRO
7
36k
More Than Pixels: Becoming A User Experience Designer
Avatar for Michelle Schulp Hunt marktimemedia
3
440
The Organizational Zoo: Understanding Human Behavior Agility Through Metaphoric Constructive Conversations (based on the works of Arthur Shelley, Ph.D)
Avatar for Dr. Kim W Petersen kimpetersen
PRO
0
360
How Fast Is Fast Enough? [PerfNow 2025]
Avatar for Tammy Everts tammyeverts
3
610

Transcript

  1.  " OWASP IoT TOP10 ! ( $#  ')%&

    

  2. Ffi] u  @ookura1978 u :9 ?68e C/G) u g^$VL

    :9 ?68$ad!QPMJ =B1 2-; 40@A7,%'& https://tk-secu.hateblo.jp/ OWASP Nagoya356<$Zb#Wh u "#!:9 ?68!% cK#j_ SR& "$ `[H"!%&&kNE +.8>68%*( !U& O6I:9 ?65 Y\TXD

  3. OWASP IoT TOP10$'   The Open Web Application Security

    Project $ *9@- />B&1,=@4+%J) :?B4+*RMNL IoT/04<&1,=@4+F&YOG]TOP10 # KI .B9A$"[\ 87 ;36&SQ' XE& 87 ;36%U(! HCHC(#&5 2# P6I87 ;32 WZTVD

  4. I1Weak, Guessable, or Hardcoded Passwords     

    > 2)(+6     =;50! *$,'".  @<?74)'#'! *$,'   16/)(+&%9:38-

  5. I2Insecure Network Services   !   $# 

    8<% IoT$A .+,2 '( 0)  &% "  6 3 639 &65D;E!# CBF" :67/- 1+* ?@=>4

  6. I3 Insecure Ecosystem Interfaces     A A

    I W AP e T b6

  7. I5Use of Insecure or Outdated Components *"   (#

    ,)  7;+*  ?>/,  % .- ( &$  ?>/ =< $!'3) 50   .4=< 2   I4Lack of Secure Update Mechanism /!' !+( ,)  16-%#&" 9:68(

  8. I6Insufficient Privacy Protection 8 0-A>17'  7' !$)9 2( :4

     I7Insecure Data Transfer and Storage D@#,*?C5 #,36&<;. :4  I8Lack of Device Management /'"7'%+7'=B7'C5  :4  6 

  9. I9Insecure Default Settings  (. %! )$  +* 

    H 8&%(? #' -, )   "&  IoT64D #'*$50>3  /-2B #+ $)'*:90 FE  ;G  .=  761&%("!AC<@,

  10. I10Lack of Physical Hardening      

     ?57> 3EUSB*& A   HFG.6)'  >  :2/"!+,%8= @4  0;  961)(*$#CD<B-

  11. TW A 0 A I A 0 0 1 O

    A A  A 0 A A P A TS A o 0       Fin 6 TS