This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Top 10 IoT Vulnerabilities (2014)"
From OWASP
Craig Smith (talk | contribs) (Created page with "For each attack surface areas, the following sections are included: * A description of the attack surface * Threat agents * Attack vectors * Security weaknesses * Technical i...") |
Craig Smith (talk | contribs) |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | <center>[https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project#tab=Top_10_IoT_Vulnerabilities__282014_29 Back To The Top 10 Iot Vulnerabilities Project]</center> | ||
| + | |||
For each attack surface areas, the following sections are included: | For each attack surface areas, the following sections are included: | ||
Latest revision as of 23:00, 1 December 2015
For each attack surface areas, the following sections are included:
- A description of the attack surface
- Threat agents
- Attack vectors
- Security weaknesses
- Technical impacts
- Business impacts
- Example vulnerabilities
- Example attacks
- Guidance on how to avoid the issue
- References to OWASP and other related resources
- I1 Insecure Web Interface
- I2 Insufficient Authentication/Authorization
- I3 Insecure Network Services
- I4 Lack of Transport Encryption
- I5 Privacy Concerns
- I6 Insecure Cloud Interface
- I7 Insecure Mobile Interface
- I8 Insufficient Security Configurability
- I9 Insecure Software/Firmware
- I10 Poor Physical Security
