This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Internet of Things Top Ten Project"
From OWASP
Line 134: | Line 134: | ||
This goal of this page is help manufacturers build more secure products in the Internet of Things space. The guidance below is at a basic level, giving builders of products a basic set of guidelines to consider from their perspective. This is not a comprehensive list of considerations, and should not be treated as such, but ensuring that these fundamentals are covered will greatly improve the security of any IoT product. | This goal of this page is help manufacturers build more secure products in the Internet of Things space. The guidance below is at a basic level, giving builders of products a basic set of guidelines to consider from their perspective. This is not a comprehensive list of considerations, and should not be treated as such, but ensuring that these fundamentals are covered will greatly improve the security of any IoT product. | ||
− | {| border="1" class="wikitable | + | {| border="1" class="wikitable" |
− | | | + | | |
! Category | ! Category | ||
! IoT Security Consideration | ! IoT Security Consideration | ||
− | |- | + | |- |
! I1: Insecure Web Interface | ! I1: Insecure Web Interface | ||
| * Ensure that any web interface present in the product disallows weak passwords | | * Ensure that any web interface present in the product disallows weak passwords | ||
* Ensure that any web interface present in the product has an account lockout mechanism | * Ensure that any web interface present in the product has an account lockout mechanism | ||
− | |- | + | |- |
! I2: Next Category | ! I2: Next Category | ||
| * Those | | * Those |
Revision as of 22:44, 5 February 2015