I Don't Give One IoTA - Introducing the Internet of Things Attack Methodology

Explore the Internet of Things (IoT) attack methodology in this comprehensive conference talk from Derbycon 2016. Delve into the history, definition, and market impact of IoT before examining potential vulnerabilities and security challenges. Learn about NIST standards and their real-world applications. Investigate five key environments: hardware (including lab work, firmware analysis, board analysis, and radio communications), web applications, mobile applications, network penetration testing, and API testing. Gain practical insights through both laboratory exercises and real-world examples. Discover where to acquire the necessary tools and knowledge to effectively assess and secure IoT devices and systems.

Intro
WHO IS YOUR DADDY AND WHAT DOES HE DO?
WHAT IS IOT, THE HISTORY
A TRY ON DEFINITION
MY DEFINITION...
WHAT'S THE MARKET?
WHEN IT ALL GOES WRONG
The hardest part about the impending lot apocalyse
NIST TO REALITY
ONE THING...
MANY, MANY THINGS
5 ENVIRONMENTS
HARDWARE (LAB)
HARDWARE (FIRMWARE)
HARDWARE (BOARD ANALYSIS)
HARDWARE (RADIO)
HARDWARE (WIFI)
HARDWARE (BLUETOOTH/BLE)
WEB APP (LAB)
WEB APP (IN PRACTICE)
MOBILE APP (LAB)
MOBILE APP (IN PRACTICE)
NETWORK PENTESTING (LAB)
NETWORK PENTESTING (IN PRACTICE)
API TESTING (LAB)
API TESTING (IN PRACTICE)
WHERE DO I GET IT?