From the course: IoT Product Security

OWASP Top 10: Part 1

Hi, I'm Matthew Clark. And this is Lesson 1.5: OWASP IoT Top 10, Part 1. In this lesson, we're going to discuss the first five of the OWASP IoT Top 10. This includes weak, guessable, or hardcoded passwords, insecure network services, insecure ecosystem interfaces, lack of secure update mechanism, and use of insecure or outdated components. So let's get started.

So here it is, the OWASP IoT Top 10 list, the 2018 edition, which is the most current at this time. The OWASP IoT Top 10 list comprises the top 10 things that you should avoid at all cost. It's a list of weaknesses, and if it's on this list, then there's a pretty good reason for it.

Daniel Miessler is on the team that developed and put together the OWASP IoT Top 10. He gave a talk in October 2018 (the link is in the reference materials), in which he spoke about the methodology of how this list was put together. They looked at a lot of different databases, such as the NVD, Bugcrowd VRT, and other sources, as well as IoT projects…