OWASP IoT firmware guidance

~ hucktech

I just noticed that the OWASP project, the Open source Web App Security Project, has an IoT project, and that project has a Firmware Analysis Project

“The Firmware Analysis Project is intended to provide security testing guidance for the IoT Attack Surface ‘Device Firmware'”.

Nothing specific to UEFI, coreboot, ACPI, SMM, etc. They are using the embedded OS definition of firmware.

https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project#Firmware_Analysis

Published by hucktech

One thought on “OWASP IoT firmware guidance

  1. Pingback: OWASP IoTGoat: deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices – Firmware Security

Leave a Reply

Please log in using one of these methods to post your comment:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s