This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP Internet of Things Top Ten Project
OWASP Internet of Things Top 10 ProjectOxford defines the Internet of Things as “a proposed development of the Internet in which everyday objects have network connectivity, allowing them to send and receive data.” The OWASP Internet of Things (IoT) Top 10 is a project designed to help vendors who are interested in making common appliances and gadgets network/Internet accessible. The project walks through the top ten security problems that are seen with IoT devices, and how to prevent them. Examples of IoT Devices: Cars, lighting systems, refrigerators, telephones, SCADA systems, traffic control systems, home security systems, TVs, DVRs, etc…
LicensingThe OWASP Internet of Things Top 10 is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.
|
What is the OWASP Internet of Things Top 10?The OWASP Internet of Things Top 10 provides:
And for each Risk it provides:
Project Leaders
Related Projects
|
Quick DownloadEmail ListNews and EventsClassifications
| |||||||
The OWASP Internet of Things Top 10 - 2014 is as follows:
- Insecure Web Interface
- A2 Broken Authentication and Session Management
- A3 Cross-Site Scripting (XSS)
- A4 Insecure Direct Object References
- A5 Security Misconfiguration
- A6 Sensitive Data Exposure
- A7 Missing Function Level Access Control
- A8 Cross-Site Request Forgery (CSRF)
- A9 Using Components with Known Vulnerabilities
- A10 Unvalidated Redirects and Forwards
Introduction
Oxford defines the Internet of Things as “a proposed development of the Internet in which everyday objects have network connectivity, allowing them to send and receive data.”
The OWASP Internet of Things (IoT) Top 10 is a project designed to help vendors who are interested in making common appliances and gadgets network/Internet accessible. The project walks through the top ten security problems that are seen with IoT devices, and how to prevent them.
Examples of IoT Devices: Cars, lighting systems, refrigerators, telephones, SCADA systems, traffic control systems, home security systems, TVs, DVRs, etc…
2013 Versions
2013 Edition:
- OWASP Top 10 2013 - PDF
- OWASP Top 10 2013 - wiki
- OWASP Top 10 2013 - French (PDF).
- OWASP Top 10 2013 - Chinese (PDF).
- OWASP Top 10 2013 - Korea (PDF).
- OWASP Top 10 2013 - Brazilian Portuguese (PDF).
- OWASP Top 10 2013 - Japanese (PDF).
- OWASP Top 10 2013 - Arabic (PDF).
- OWASP Top 10 2013 - Spanish (PDF).
- OWASP Top 10 2013 - Hebrew (PDF direct download).
- OWASP Top 10 - 2013 - Release Candidate
- OWASP Top 10 - 2013 - Final Release - Change Log (docx)
Feedback
Please let us know how your organization is using the Top Ten. Include your name, organization's name, and brief description of how you use the list. Thanks for supporting OWASP!
We hope you find the information in the OWASP Top Ten useful. Please contribute back to the project by sending your comments, questions, and suggestions to [email protected] Thanks!
To join the OWASP Top Ten mailing list or view the archives, please visit the subscription page.
Project Sponsors
The OWASP Top Ten project is sponsored by 
| PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
| |||||||||||||||||||||||||||||||||||
