Difference between revisions of "OWASP Internet of Things Top Ten Project"

From OWASP
Jump to: navigation, search
(Created page with "=Main= <div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">link=</div> {| style="padding: 0;margin:0;margin-top:10px;t...")
 
Line 6: Line 6:
 
| valign="top"  style="border-right: 1px dotted gray;padding-right:25px;" |
 
| valign="top"  style="border-right: 1px dotted gray;padding-right:25px;" |
  
==OWASP XXX==
+
==OWASP Internet of Things Top Ten Project==
  
OWASP XXX is...
+
Oxford defines the Internet of Things as “a proposed development of the Internet in which everyday objects have network connectivity, allowing them to send and receive data.”
 +
 
 +
The OWASP Internet of Things (IoT) Top 10 is a project designed to help vendors who are interested in making common appliances and gadgets network/Internet accessible. The project walks through the top ten security problems that are seen with IoT devices, and how to prevent them.
 +
 
 +
Examples of IoT Devices: Cars, lighting systems, refrigerators, telephones, SCADA systems, traffic control systems, home security systems, TVs, DVRs, etc…
 +
 
 +
#Internet of Things Top 10 (tentative):
 +
#Administrative Interface with Weak/Default Credentials
 +
#Buffer Overflow of Available Network Service
 +
#Lack of Network Encryption
 +
#Insecure Software Update System
 +
#Denial of Service
 +
#Information Disclosure Through Network Services
 +
#Insecure Web Interface
 +
#Network Attack Magnification
 +
#Trivial Physical Security Bypass
 +
#Poor Security Management Capabilities
  
 
==Introduction==
 
==Introduction==
Line 22: Line 38:
  
 
==Licensing==
 
==Licensing==
OWASP XXX is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.
+
The OWASP Internet of Things Top Ten Project is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.
  
  
 
| valign="top"  style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
 
| valign="top"  style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
  
== What is XXX? ==
+
== What is the OWASP Internet of Things Top Ten Project? ==
  
OWASP XXX provides:
+
The OWASP Internet of Things Top Ten Project provides:
  
 
* xxx
 
* xxx
Line 44: Line 60:
 
== Project Leader ==
 
== Project Leader ==
  
Project leader's name
+
Daniel Miessler
  
  
Line 81: Line 97:
 
   | colspan="2" align="center"  | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
 
   | colspan="2" align="center"  | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
 
   |-
 
   |-
   | colspan="2" align="center"  | [[File:Project_Type_Files_CODE.jpg|link=]]
+
   | colspan="2" align="center"  | [[File:Project_Type_Files_DOC.jpg|link=]]
 
   |}
 
   |}
  
Line 96: Line 112:
 
= Acknowledgements =
 
= Acknowledgements =
 
==Volunteers==
 
==Volunteers==
XXX is developed by a worldwide team of volunteers. The primary contributors to date have been:
+
The OWASP Internet of Things Top Ten Project is developed by a worldwide team of volunteers. The primary contributors to date have been:
  
 
* xxx
 
* xxx
Line 106: Line 122:
  
 
= Road Map and Getting Involved =
 
= Road Map and Getting Involved =
As of XXX, the priorities are:
+
As of January 2014, the priorities are:
 
* xxx
 
* xxx
 
* xxx
 
* xxx
 
* xxx
 
* xxx
  
Involvement in the development and promotion of XXX is actively encouraged!
+
Involvement in the development and promotion of the OWASP Internet of Things Top Ten Project is actively encouraged!
 
You do not have to be a security expert in order to contribute.
 
You do not have to be a security expert in order to contribute.
 
Some of the ways you can help:
 
Some of the ways you can help:
Line 120: Line 136:
  
 
=Project About=
 
=Project About=
{{:Projects/OWASP_Example_Project_About_Page}}   
+
{{:Projects/OWASP_Internet_of_Things_Top_Ten_Project}}   
  
 
__NOTOC__ <headertabs />  
 
__NOTOC__ <headertabs />  
  
 
[[Category:OWASP Project]]  [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]]  [[Category:OWASP_Document]]
 
[[Category:OWASP Project]]  [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]]  [[Category:OWASP_Document]]

Revision as of 21:39, 27 January 2014

[edit]

OWASP Project Header.jpg

OWASP Internet of Things Top Ten Project

Oxford defines the Internet of Things as “a proposed development of the Internet in which everyday objects have network connectivity, allowing them to send and receive data.”

The OWASP Internet of Things (IoT) Top 10 is a project designed to help vendors who are interested in making common appliances and gadgets network/Internet accessible. The project walks through the top ten security problems that are seen with IoT devices, and how to prevent them.

Examples of IoT Devices: Cars, lighting systems, refrigerators, telephones, SCADA systems, traffic control systems, home security systems, TVs, DVRs, etc…

  1. Internet of Things Top 10 (tentative):
  2. Administrative Interface with Weak/Default Credentials
  3. Buffer Overflow of Available Network Service
  4. Lack of Network Encryption
  5. Insecure Software Update System
  6. Denial of Service
  7. Information Disclosure Through Network Services
  8. Insecure Web Interface
  9. Network Attack Magnification
  10. Trivial Physical Security Bypass
  11. Poor Security Management Capabilities

Introduction

Write a short introduction


Description

Write a description that is just a few paragraphs long


Licensing

The OWASP Internet of Things Top Ten Project is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.


What is the OWASP Internet of Things Top Ten Project?

The OWASP Internet of Things Top Ten Project provides:

  • xxx
  • xxx


Presentation

Link to presentation



Project Leader

Daniel Miessler


Related Projects


Quick Download

  • Link to page/download


News and Events

  • [20 Nov 2013] News 2
  • [30 Sep 2013] News 1


In Print

This project can be purchased as a print on demand book from Lulu.com


Classifications

Owasp-incubator-trans-85.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files DOC.jpg

Q1
A1
Q2
A2

Volunteers

The OWASP Internet of Things Top Ten Project is developed by a worldwide team of volunteers. The primary contributors to date have been:

  • xxx
  • xxx

Others

  • xxx
  • xxx

As of January 2014, the priorities are:

  • xxx
  • xxx
  • xxx

Involvement in the development and promotion of the OWASP Internet of Things Top Ten Project is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:

  • xxx
  • xxx


PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Internet of Things Top Ten Project (home page)
Purpose: Oxford defines the Internet of Things as “a proposed development of the Internet in which everyday objects have network connectivity, allowing them to send and receive data.”

The OWASP Internet of Things (IoT) Top 10 is a project designed to help vendors who are interested in making common appliances and gadgets network/Internet accessible. The project walks through the top ten security problems that are seen with IoT devices, and how to prevent them.

License: Creative Commons Attribution Share Alike 3.0
who is working on this project?
Project Leader(s):
  • Daniel Miessler @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Daniel Miessler @ to contribute to this project
  • Contact Daniel Miessler @ to review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases