The Entire World Becomes Connected
Smart and connected devices (IoT) are transforming our lives, improving efficiency, availability and security of our environment and life.
Smart cities, smart medicine/healthcare, smart homes, smart transportation and smart manufacturing are changing the way we communicate with our environment, homes and even our bodies.
Research performed by Gartner indicates that by the year 2020 there will be more than 20 BILLION connected devices!
AppSec Labs’ IoT Research and Evaluation
Over the last few years we, at AppSec Labs, did a lot of research on connected device threats and mitigation. The research was done side-by-side with consulting and accompanying the development of new connected products and old-fashioned devices that became connected.
We have helped teams develop secure solutions, and developed different tools and scripts to attack insecure usage and implementation.
AppSec Labs IoT Partnerships
AppSec Labs is a Microsoft Global trusted partner in the security program for Azure IoT, this partnership provides AppSec Labs with access to the newest Microsoft solutions and direct access to R&D, which is knowledge we transfer to our customers.
Whether you’re building your own solution with certified devices, or looking for a complete IoT solution, AppSec Labs can help tailor the Azure IoT Suite to your industry-specific needs.
AppSec Labs has partnered up with leading IoT architects & development teams including Softimize and Emind. These partnerships allow us to stay one step ahead of the game and give us the opportunity to be in the first line with the best IoT providers – all the way from the designer table to production.
Connected Device – the Ultimate Problem to Protect
IoT products has two big issues that require wide and specialized expertise to secure:
A larger attack surface:
- Local device (sensors and/or controllers)
- Mobile apps (iOS and Android)
- Cloud APIs
- Management website
Custom architectures and communications:
- Multiple entities and identities
- Multiple authentications in one product
- Non-common protocols
- Device initialization (network connection and pairing)
- Mobile ⇔ device communication
- Protecting client side code (mobile apps and device)
AppSec Labs End-to-End Solutions for IoT/Connected Products
Entire SDLC
Secure development life cycle is the full package of security. Accompanying development from the requirement’s stages to the production and ensuring that security is verified in each stage.
Consulting
AppSec Labs provide IoT security consulting including requirements, architecture, design review & consulting, checking specific features and implementations (POC services) and security R&D expansion.
Also we provide security code review for any program language and architecture (embedded code, remote procedure calls, mobile and web application), that is used to develop IoT products and services to better identify & remediate software vulnerabilities earlier in the development lifecycle.
Training
The AppSec Labs Academy is known for its courses. We will teach your developers to understand the attacker’s goals, techniques and abilities, and teach them mitigation for any situation. We have created a special edition for IoT security courses, that is dedicate to IoT R&D teams, Read more about our IoT Academy.
Penetration Testing
AppSec Labs provide IoT security consulting including requirements, architecture, design review & consulting, checking specific features and implementations (POC services) and security R&D expansion.
Also we provide security code review for any program language and architecture (embedded code, remote procedure calls, mobile and web application), that is used to develop IoT products and services to better identify & remediate software vulnerabilities earlier in the development lifecycle.
