KPN REDTEAM
Be Smart Be Secure
What is a Smart City?
Using modern ICT and IoT technology in a secure way to manage a city's assets and improve urban space through interaction with citizens, to increase quality of life
Implementations:
• Lanterns
• Industrial Cooling
• Smart waste
• Legionella detector
• Street cover
• Sea pumps
• Bike
• Luxury asset
• Solar Panel
• Smart office space
• Parking
• Transport management
• Health sector
• City information
Kill Chain Stages of a Target Cyber Intrusion
Stage | Action | Methodology
Stage 1 | Reconnaissance | Harvesting Email Addresses, Social Networking, Passive Search, IP Port Scanning
Stage 1 | Weaponization | Developing Exploit with Payload Creation, Malware, Delivery systems, Decoys
Stage 1 | Delivery | Spear Phishing, Infected Website, Service Provider, USB
Stage 2 | Exploitation | Activation, Execute Code, Establish Foothold, 3rd party Exploitation
Stage 2 | Installation | Trojan or Backdoor, Escalate Privileges, Root Kit, Establish Persistence
Stage 3 | Command & Control | Command Channel, Lateral Movement, Internal Recon, Maintain Persistence
Stage 3 | Actions on Target | Expand Compromise, Consolidate Persistence, Identify Targets, Data Exfiltration
Some of the challenges
• Contracts: What about cyber security and privacy?
• Development: With all of the technology and standards how can we make this secure?
• Monitor: How can we monitor attacks and unusual behavior?
• Architecture: Can we scale the architecture for the long term? And what about multiple layers of defense?
• Maintain: How can we update and manage so many devices?
Contract challenges
How does cyber security fit into a 30 year contract?
Development challenges
Extensive—but not exhaustive—list of
Internet of Things (IoT) protocols:
Bluetooth
BLE
ZigBee
Z-Wave
6LoWPAN
Thread
WiFi-ah (HaLow)
2G (GSM)
3G & 4G
LTE Cat 0, 1, & 3
LTE-M1
NB-IoT
5G
NFC
RFID
SigFox
LoRaWAN
Ingenu
Weightless-W
ANT & ANT+
DigiMesh
MiWi
EnOcean
Dash7
The application shall communicate with mobiles, cloud, data hub and sensors from all of our suppliers. Oh yeah, it must be secure and we need it next week
Architecture challenges
How flexible is our architecture with the growing number of devices and standards?
How do we deal with segmentation to reduce risks in case of a compromise?
Vulnerability management
How do we perform patch management?
Can we reduce the lifetime of a sensor?
REDteaming model
[Figure: Level 3, Level 2 and Level 1 around a central Target. Each of the three domains (Cyber, Physical, Human) is shown at three attacker positions: Zero knowledge, Limited insider and Trusted insider.]
Elements of REDteaming
A red team exercise simulates criminal activity to challenge a company on its social, technical, and physical defenses:
Physical
Finding weaknesses in your physical defenses
• Gaining unauthorized access to buildings and areas
• Tailgating
• Badge IDs
• Drones
• Lock picking doors
Cyber
Finding weaknesses in your technical defenses
• Gaining unauthorized access to your infrastructure and your data
• Malware attack
• Password brute force on all systems
Human
Finding weaknesses in your social defenses
• Gaining unauthorized access through your employees
• Social engineering
• Infected USB sticks
• Excuses to gain access
• Gain trust from employees
Take away
• Embed security into the DNA of smart city development
• Hug the hackers and promote responsible disclosure
• Perform regular REDteam/simulation exercises
• Two separate Arduinos
• The right one has a temperature sensor
• The left one has an LCD screen
• The temperature is transmitted over a 433 MHz link.
GQRX
• We can capture the signal with an SDR (software-defined radio)
• Record the signal and then analyze it
Audacity
• The signal has a binary structure
• The temperature is 22 degrees
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1 1 0
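The analysis step from the demo above, as an added example that is not part of the original slides: it slices an amplitude envelope into bits and reads the value back. It assumes on-off keying with one fixed-length symbol per bit, a capture trimmed to one frame, and an unsigned MSB-first integer payload; the envelope is constructed, not a real recording.

```python
"""Recover the slide's bit pattern from an amplitude envelope (added example)."""
from itertools import groupby

# Bit pattern transcribed from the Audacity slide: leading zeros, then 10110.
SLIDE_BITS = "0" * 18 + "10110"


def synthesize_envelope(bits, samples_per_bit=8, high=0.9, low=0.05):
    """Build a constructed envelope: carrier on for '1', off for '0'.

    A small deterministic ripple stands in for receiver noise so the
    decoder cannot rely on exact amplitude values.
    """
    samples = []
    for i, bit in enumerate(bits):
        level = high if bit == "1" else low
        for j in range(samples_per_bit):
            n = i * samples_per_bit + j
            ripple = 0.02 * ((n * 7) % 5 - 2)  # between -0.04 and +0.04
            samples.append(level + ripple)
    return samples


def slice_levels(samples, min_swing=0.2):
    """Threshold the envelope halfway between its minimum and maximum."""
    if not samples:
        raise ValueError("empty capture")
    lo, hi = min(samples), max(samples)
    if hi - lo < min_swing:
        # A flat capture has no on/off transitions, so there is nothing to decode.
        raise ValueError("no carrier transitions in capture")
    threshold = (lo + hi) / 2
    return [1 if s > threshold else 0 for s in samples]


def estimate_samples_per_bit(levels):
    """Take the shortest run of equal levels as the length of one bit.

    The first and last runs are skipped when possible because trimming the
    capture may have cut them short.
    """
    runs = [len(list(group)) for _, group in groupby(levels)]
    inner = runs[1:-1] or runs
    return min(inner)


def decode_bits(samples):
    """Return the frame as a string of '0' and '1' using a per-bit majority vote."""
    levels = slice_levels(samples)
    spb = estimate_samples_per_bit(levels)
    bits = []
    for start in range(0, len(levels) - spb + 1, spb):
        window = levels[start:start + spb]
        bits.append("1" if sum(window) * 2 > len(window) else "0")
    return "".join(bits)


def bits_to_value(bits):
    """Interpret the frame as an unsigned integer, most significant bit first."""
    return int(bits, 2)


if __name__ == "__main__":
    frame = decode_bits(synthesize_envelope(SLIDE_BITS))
    print(frame, "->", bits_to_value(frame), "degrees")
```

Nothing in the frame is encrypted or authenticated, which is why a receiver that only listens can read the temperature.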
Thank you
Mark de Groot
TeamLead KPN REDteam
markdegroot@kpn.com
IoT is all about the application and infrastructure
and it must be secure from the start and into the future

Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 

Mark de Groot - Meetup: Help, my IoT device is being hacked?

  • 2. KPN REDTEAM What is a Smart City? Using modern ICT and IoT technology in a secure way to manage a city’s asset and improve urban space with interaction with citizens to increase quality of life
  • 3. KPN REDTEAM Implementations: • Lanterns • Industrial Cooling • Smart waste • Legionella detector • Street cover • Sea pumps • Bike • Luxury asset • Solar Panel • Smart office space • Parking • Transport management • Health sector • City information
  • 5. KPN REDTEAM Kill Chain Stages of a Target Cyber Intrusion
      Stage | Action | Methodology
      Stage 1 | Reconnaissance | Harvesting Email Addresses, Social Networking, Passive Search, IP Port Scanning
      Stage 1 | Weaponization | Developing Exploit with Payload Creation, Malware, Delivery systems, Decoys
      Stage 1 | Delivery | Spear Phishing, Infected Website, Service Provider, USB
      Stage 2 | Exploitation | Activation, Execute Code, Establish Foothold, 3rd party Exploitation
      Stage 2 | Installation | Trojan or Backdoor, Escalate Privileges, Root Kit, Establish Persistence
      Stage 3 | Command & Control | Command Channel, Lateral Movement, Internal Recon, Maintain Persistence
      Stage 3 | Actions on Target | Expand Compromise, Consolidate Persistence, Identify Targets, Data Exfiltration
  • 9. KPN REDTEAM Some of the challenges
      • Contracts: What about cyber security and privacy?
      • Development: With all of the technology and standards how can we make this secure?
      • Monitor: How can we monitor attacks and unusual behavior?
      • Architecture: Can we scale the architecture for the long term? And what about multiple layers of defense?
      • Maintain: How can we update and manage so many devices?
  • 10. KPN REDTEAM Contract challenges How does cyber security fit into a 30 year contract?
  • 11. KPN REDTEAM Development challenges
      • Extensive, but not exhaustive, list of Internet of Things (IoT) protocols: Bluetooth, BLE, ZigBee, Z-Wave, 6LoWPAN, Thread, WiFi-ah (HaLow), 2G (GSM), 3G & 4G, LTE Cat 0, 1, & 3, LTE-M1, NB-IoT, 5G, NFC, RFID, SigFox, LoRaWAN, Ingenu, Weightless-W, ANT & ANT+, DigiMesh, MiWi, EnOcean, Dash7
      • "The application shall communicate with mobiles, cloud, data hub and sensors from all of our suppliers. Oh yeah, it must be secure and we need it next week"
  • 12. KPN REDTEAM Architecture challenges: How flexible is our architecture with the growing number of devices and standards? How to deal with segmentation to reduce risks in case of a compromise?
  • 13. KPN REDTEAM Vulnerability management: How do we perform patch management? Can we reduce the lifetime of a sensor?
  • 14. KPN REDTEAM REDteaming model (diagram): Level 3, Level 2, Level 1; Cyber, Physical and Human, each as Zero knowledge, Limited insider and Trusted insider; Target
  • 15. KPN REDTEAM Elements of REDteaming: A red team exercise simulates criminal activity to challenge a company on their social, technical, and physical defenses:
      • Physical: Finding weaknesses in your physical defenses
          • Gaining unauthorized access to buildings and areas
          • Tailgating
          • Badge IDs
          • Drones
          • Lock picking doors
      • Cyber: Finding weaknesses in your technical defenses
          • Gaining unauthorized access to your infrastructure and your data
          • Malware attack
          • Password brute force on all systems
      • Human: Finding weaknesses in your social defenses
          • Gaining unauthorized access through your employees
          • Social engineering
          • Infected USB sticks
          • Excuses to gain access
          • Gain trust from employees
  • 17. KPN REDTEAM Take away • Embed security into the DNA of smart city development • Hug the hackers and promote responsible disclosure • Perform regular REDteam/simulation exercises
  • 18. KPN REDTEAM • Two separate Arduinos • The right one has a temperature sensor • The left one has an LCD screen • The temperature is transmitted over a 433 MHz link.
  • 19. KPN REDTEAM GQRX • We can capture the signal with an SDR (software-defined radio) • Record the signal and then analyse it
  • 20. KPN REDTEAM Audacity • The signal has a binary structure • The temperature is 22 degrees: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1 1 0
  • 21. KPN REDTEAM Thank you Mark de Groot TeamLead KPN REDteam markdegroot@kpn.com IoT is all about the application and infrastructure and it must be secure from the start and into the future
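
The demo on slides 18 to 20 shows the temperature travelling over 433 MHz as a bare binary value that anyone with a receiver can read. The sketch below is an added example, not code from the talk: it decodes the slide's bit string (assuming a plain MSB-first integer) and sets it beside a receiver that only accepts frames carrying a valid HMAC tag and a rising counter. The frame layout, the key and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Bit string as transcribed on slide 20, with the spacing normalised.
SLIDE_BITS = "0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1 1 0"

def decode_plain(bits: str) -> int:
    """Read the whole frame as one unsigned MSB-first integer (assumed layout)."""
    return int(bits.replace(" ", ""), 2)

KEY = b"constructed-per-device-key"  # constructed sample key, provisioned per sensor
BODY = struct.Struct(">Ib")          # assumed layout: 32-bit counter, signed 8-bit degrees
TAG_LEN = 8                          # truncated tag keeps the radio frame short

def make_frame(key: bytes, counter: int, temp_c: int) -> bytes:
    """Sensor side: counter and reading followed by an HMAC-SHA256 tag."""
    body = BODY.pack(counter, temp_c)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

class Receiver:
    """Display side: rejects altered frames and frames it has already seen."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = -1

    def accept(self, frame: bytes):
        if len(frame) != BODY.size + TAG_LEN:
            return None
        body, tag = frame[:BODY.size], frame[BODY.size:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return None                      # modified in transit or wrong key
        counter, temp_c = BODY.unpack(body)
        if counter <= self.last_counter:
            return None                      # replay of an earlier recording
        self.last_counter = counter
        return temp_c

if __name__ == "__main__":
    print("plain frame decodes to", decode_plain(SLIDE_BITS))
    rx = Receiver(KEY)
    frame = make_frame(KEY, 1, 22)
    print("fresh frame:", rx.accept(frame), "| same frame again:", rx.accept(frame))
```

The tag gives integrity and freshness only; the reading itself is still visible on air, so confidentiality would need encryption on top.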