Slide 1
Slide 1 text
"
OWASP IoT TOP10
!
(
$#
')%&
Slide 2
Slide 2 text
Ffi]
u
@ookura1978
u :9 ?68e
C/G)
u g^$VL
:9 ?68$ad!QPMJ
=B1
2-; 40@A7,%'&
https://tk-secu.hateblo.jp/
OWASP Nagoya356<$Zb#Wh
u
"#!
:9 ?68!%
cK#j_ SR &
"$ `[H"!%&
&
kNE +.8>68%
*(
!U
&
O6I:9 ?65 Y\TXD
Slide 3
Slide 3 text
OWASP IoT TOP10$'
The Open Web Application Security Project
$
*9@-
/>B&1,=@4+%J )
:?B4+*RM
NL
IoT/04<&1,=@4+F&YOG]TOP10
#
KI
.B9A$
"[\
87
;36&SQ'
XE&
87
;36%U(! HCHC(#&5
2#
P6I87
;32
WZTVD
Slide 4
Slide 4 text
I1Weak, Guessable, or Hardcoded Passwords
>
2)(+6
=;50! *$,'".
@
Slide 5
Slide 5 text
I2Insecure Network Services
!
$#
8
< %
IoT$A .+,2 '( 0)
&%
"
6
3
63 9
&65D;E!#
CBF"
:67/- 1+* ?@=>4
Slide 6
Slide 6 text
I3 Insecure Ecosystem Interfaces
A A
I W AP
e
T
b6
Slide 7
Slide 7 text
I5Use of Insecure or Outdated Components
*
"
(#
,)
7;+*
?>/,
%
.-
( &$
?>/
=<
$!'3)
50
.4=<
2
I4Lack of Secure Update Mechanism
/
!'
!+(
,)
16-%#&" 9:68(
Slide 8
Slide 8 text
I6Insufficient Privacy Protection
8 0-A>17'
7'
!$)9
2(
:4
I7Insecure Data Transfer and Storage
D@#,
*?C5
#,36&<;.
:4
I8Lack of Device Management
/'"
7'%+7'=B7'C5
:4
6
Slide 9
Slide 9 text
I9Insecure Default Settings
(.
%!
)$
+*
H 8&%(?
#'
-,
)
"&
IoT64D
#' *$50>3
/-2B
#
+ $)'
*:90
FE
;G
.=
761&%("!AC<@,
Slide 10
Slide 10 text
I10Lack of Physical Hardening
?57>
3EUSB*& A
HFG.6)'
>
:2/"!+,%
8
=
@4
0;
961)(*$#CD
Slide 11
Slide 11 text
TW A 0
A I A
0
0 1 O A
A
A 0
A A P A
TS A o 0
Fin
6 TS