I Don't Give One IoTA: Introducing the Internet of Things Attack Methodology
- Thursday, March 16th, 2017 at 3:00 PM EST (19:00:00 UTC)
- Larry Pesce
You can now attend the webcast using your mobile device!
Attacking and assessing IoT can easily miss the forest for the trees. However we need to be comprehensive in our methodology and not end up down a rabbit hole; we need to know how the wind affects each tree, but also the forest as a whole. We even need to make sure we consider the trailer park adjacent to the forest, which may not be quite as resilient to a tornado. We're here to pass along a methodology for testing all of the components of any end-to end IoT solution; from end user hardware, proprietary and standards-based RF (Zigbee, Zwave, BLE/Bluetooth and all sorts of modulation), Wi-Fi, network protocols, mobile device applications (Android and iOS), internet-connected servers, web applications and databases. Come learn how to build a testing lab, investigate some testing tools, and how to apply to a real world test.
Larry Pesce is a Senior Security Analyst with InGuardians. His recent experience includes providing penetration assessment, architecture review, hardware security assessment, wireless/radio analysis, and policy and procedure development for a wide range of industries including those in the financial, retail, and healthcare verticals. Larry is an accomplished speaker, having presented numerous times at industry conferences such as DEF CON, Shmoocon, Derbycon and Hack3rcon, as well as the co-host of the long running multi-award winning Security Podcast, Paul's Security Weekly. Larry is a certified instructor with the SANS Institute, where he also holds his GAWN, GCIH and GCFA certifications. Larry is a graduate of Roger Williams University, with a bachelor's degree in Computer Information Systems. In his spare time he likes to tinker with all things electronic and wireless. Larry is an amateur radio operator holding his Extra class license and is regularly involved in emergency communications activities.