Save 37% off PRO during our Black Friday Sale! »

ハニーポットで見るOWASP_IoT_TOP10.pdf

3c349cf807435f021b4e554c3d001287?s=47 TK
March 09, 2019
Technology
1
640

 ハニーポットで見るOWASP_IoT_TOP10.pdf

第6回ハニーポッター技術交流会で使用した資料です。

3c349cf807435f021b4e554c3d001287?s=128

TK

March 09, 2019
Tweet

More Decks by TK

See All by TK
3c349cf807435f021b4e554c3d001287?s=48 okura
3
270
3c349cf807435f021b4e554c3d001287?s=48 okura
1
1.2k

Other Decks in Technology

See All in Technology
3933b943fb70400bbc26f3cb78d8204c?s=48 sakiengineer
2
870
7b1f62709e6b808406596d8676f7f09c?s=48 udayan28
0
110
D0f5daa7cc3a26140c06ea29e5e235cc?s=48 noriyukitakei
0
700
D65ac1a4aacb7a449bb61cef10fb7143?s=48 yamanoku
3
790
8fa31051503b09846584c49cd53d2f80?s=48 asei
0
280
Fc815be82d09a2e922d4000b65b9f83b?s=48 74th
0
360
950776c7623253d1ccd37e3cd32fa58f?s=48 indigolain
2
910
40638b9e3a098313234f358d35103735?s=48 y150saya
0
930
Dd228ece3eac622c0b1b5f71f54b29ea?s=48 chisaton
0
220
73c9d1065e0075a9da6e404e08fe77fb?s=48 siroitori0413
0
140
942bb606679caf4c57b38927f83178e1?s=48 qsona
13
4.5k
B46a00cafe34a9437d3a5bc6afc5bee3?s=48 aditya45
1
370

Featured

See All Featured
245cee81a9c424266e5e401d844ea881?s=48 lara
596
62k
D09fad3e36ae6841f54820be0e907f7a?s=48 rocio
156
12k
5f83ef806155b403c3393160ce51f955?s=48 jlugia
218
16k
1519587b1a0febb658c36c94f6272b0d?s=48 roundedbygravity
85
8.2k
0438ae60cde4c7add6f9da48f28c15cc?s=48 chrisshort
6
28k
95d9f37115fbb0d13135d0f77132f856?s=48 morganepeng
100
15k
9cde37f47e4a800ea081ea42de8d749a?s=48 dougneiner
123
8.3k
20bfe76b3d6105641f879fe45cfc9272?s=48 bkeepers
PRO
415
58k
Ded01cdab114abe4ec13511e4c25b9bb?s=48 andyhume
67
4.6k
0bce06bd06ee7a2c4f5500f25dcf7f18?s=48 paulrobertlloyd
74
1.7k
A16eb159db895e3b01d3dc95767ad595?s=48 jonyablonski
40
1.8k
2bb923c57a1fdc3a2eb484bb8d565fd2?s=48 ufuk
61
7.3k

Transcript

  1.  " OWASP IoT TOP10 ! ( $#  ')%&

    

  2. Ffi] u  @ookura1978 u :9 ?68e C/G) u g^$VL

    :9 ?68$ad!QPMJ =B1 2-; 40@A7,%'& https://tk-secu.hateblo.jp/ OWASP Nagoya356<$Zb#Wh u "#!:9 ?68!% cK#j_ SR& "$ `[H"!%&&kNE +.8>68%*( !U& O6I:9 ?65 Y\TXD

  3. OWASP IoT TOP10$'   The Open Web Application Security

    Project $ *9@- />B&1,=@4+%J) :?B4+*RMNL IoT/04<&1,=@4+F&YOG]TOP10 # KI .B9A$"[\ 87 ;36&SQ' XE& 87 ;36%U(! HCHC(#&5 2# P6I87 ;32 WZTVD

  4. I1Weak, Guessable, or Hardcoded Passwords     

    > 2)(+6     =;50! *$,'".  @<?74)'#'! *$,'   16/)(+&%9:38-

  5. I2Insecure Network Services   !   $# 

    8<% IoT$A .+,2 '( 0)  &% "  6 3 639 &65D;E!# CBF" :67/- 1+* ?@=>4

  6. I3 Insecure Ecosystem Interfaces     A A

    I W AP e T b6

  7. I5Use of Insecure or Outdated Components *"   (#

    ,)  7;+*  ?>/,  % .- ( &$  ?>/ =< $!'3) 50   .4=< 2   I4Lack of Secure Update Mechanism /!' !+( ,)  16-%#&" 9:68(

  8. I6Insufficient Privacy Protection 8 0-A>17'  7' !$)9 2( :4

     I7Insecure Data Transfer and Storage D@#,*?C5 #,36&<;. :4  I8Lack of Device Management /'"7'%+7'=B7'C5  :4  6 

  9. I9Insecure Default Settings  (. %! )$  +* 

    H 8&%(? #' -, )   "&  IoT64D #'*$50>3  /-2B #+ $)'*:90 FE  ;G  .=  761&%("!AC<@,

  10. I10Lack of Physical Hardening      

     ?57> 3EUSB*& A   HFG.6)'  >  :2/"!+,%8= @4  0;  961)(*$#CD<B-

  11. TW A 0 A I A 0 0 1 O

    A A  A 0 A A P A TS A o 0       Fin 6 TS