ハニーポットで見るOWASP_IoT_TOP10.pdf
by
TK
Link
Embed
Share
Beginning
This slide
Copy link URL
Copy link URL
Copy iframe embed code
Copy iframe embed code
Copy javascript embed code
Copy javascript embed code
Share
Tweet
Share
Tweet
Slide 1
Slide 1 text
" OWASP IoT TOP10 !( $#')%&
Slide 2
Slide 2 text
Ffi] u @ookura1978 u :9 ?68e C/G) u g^$VL :9 ?68$ad!QPMJ =B12-; 40@A7,%'& https://tk-secu.hateblo.jp/ OWASP Nagoya356<$Zb#Wh u "#!:9 ?68!% cK#j_ SR& "$ `[H"!%&&kNE +.8>68%*( !U& O6I:9 ?65 Y\TXD
Slide 3
Slide 3 text
OWASP IoT TOP10$' The Open Web Application Security Project $ *9@- />B&1,=@4+%J) :?B4+*RMNL IoT/04<&1,=@4+F&YOG]TOP10 # KI .B9A$"[\ 87 ;36&SQ' XE& 87 ;36%U(! HCHC(#&5 2# P6I87 ;32 WZTVD
Slide 4
Slide 4 text
I1Weak, Guessable, or Hardcoded Passwords >2)(+6 =;50! *$,'". @
Slide 5
Slide 5 text
I2Insecure Network Services ! $# 8<% IoT$A .+,2 '( 0) &%" 63 639&65D;E!# CBF" :67/- 1+* ?@=>4
Slide 6
Slide 6 text
I3 Insecure Ecosystem Interfaces A A I W AP e T b6
Slide 7
Slide 7 text
I5Use of Insecure or Outdated Components *" (# ,) 7;+* ?>/, %.-( &$ ?>/ =< $!'3) 50 .4=< 2 I4Lack of Secure Update Mechanism /!'!+( ,) 16-%#&" 9:68(
Slide 8
Slide 8 text
I6Insufficient Privacy Protection 8 0-A>17' 7'!$)9 2(:4 I7Insecure Data Transfer and Storage D@#,*?C5 #,36&<;. :4 I8Lack of Device Management /'"7'%+7'=B7'C5 :4 6
Slide 9
Slide 9 text
I9Insecure Default Settings (.%! )$ +* H 8&%(? #'-,) "& IoT64D #'*$50>3 /-2B#+ $)'*:90FE ;G .= 761&%("!AC<@,
Slide 10
Slide 10 text
I10Lack of Physical Hardening ?57>3EUSB*& A HFG.6)' > :2/"!+,%8= @4 0; 961)(*$#CD
Slide 11
Slide 11 text
TW A 0 A I A 0 0 1 O A A A 0 A A P A TS A o 0 Fin 6 TS