With an experienced, innovative team and an effective, streamlined approach to penetration testing, Security Compass Advisory helps you identify vulnerabilities in IoT devices.
The Unique Security Challenges of IoT Devices
With the dawn of emerging technologies such as 5G cellular networks, the Internet of Things (IoT) has become ubiquitous. Internet-connected devices can be found anywhere, whether powering robotic assembly lines, monitoring patient health, or even controlling home thermostats.
For all the benefits that IoT brings, the technology also presents unique security challenges. IoT devices are accessible in ways that typical computing infrastructure isn’t. Most are not secured behind firewalls in isolated network environments; instead they’re bought and sold commercially.
IoT devices must be able to defend themselves when set up in hostile networks and when adversaries have direct physical access to them. How can a company have confidence that its devices won’t be compromised after it has relinquished control?
Security Compass Advisory has trained and experienced IoT penetration testers who make use of industry-standard frameworks and a methodology that covers all aspects of IoT devices. Our IoT security testing engagements can take several forms, from testing devices from a holistic perspective to assessing individual components.
IoT Penetration Testing Methodology
A holistic approach includes the activities outlined below:
Security Compass Advisory will work with business stakeholders to identify the areas of the IoT device that need to be included in testing.
- Threat modeling: Based on the agreed-upon areas of assessment, threats and associated test cases are developed to determine the security of controls in place.
The test cases identified during threat modeling are performed. Testing is not performed in isolated phases because, as the device is tested, new test cases will be discovered. Test cases belong to four testing domains:
- Hardware: Testers will bypass physical protections and tamper-resistant mechanisms to determine if open serial ports or chips providing access to firmware are present on the circuit board.
- Firmware: Several test cases can be used to test a device’s software, including penetration testing the device’s open ports, reverse engineering binaries, and host configuration review (looking for hardcoded credentials, privilege escalation vulnerabilities, security misconfigurations, etc.).
- Remote management: Testers will attempt to find vulnerabilities in how devices are provisioned, updated, and decommissioned. This can also include penetration testing external-facing management servers and performing cloud IoT configuration assessments.
- Radio frequencies: The radio frequencies that a given device uses will be assessed to identify vulnerabilities. This includes testing Bluetooth, Zigbee, and raw radio communication configurations.
The final report will be delivered to business stakeholders. Included in this report are detailed assessment notes that describe the test cases that have been performed and the security gaps that have been identified.