IoT & Embedded Security Assessments and Training

IoT & Embedded Security: Little Things. Big Things. Big Threats.

Little & Big Things. Massive Threats.

On top of the usual threats to IT networks, applications, and cloud services, IoT devices create an expanded, distributed attack surface.

To stay ahead of threats, our IoT Center of Excellence conducts ongoing research on chipsets, Real-Time OS (RTOS), and deployment platforms for all connected “things” – from medical devices to robotics and consumer electronics.

We use this expertise to help clients like Honeywell, Qualcomm, Citgo, and Motorola reduce risk through security-focused design, testing, and training.

Full Stack Security Analysis

Full Stack Security Analysis

At the physical, communications, and software layer

These methodical assessments help determine if attackers can bypass authentication controls, program devices, or tamper with data.

  • Review architecture and create threat models.
  • Attack the physical device and extract the firmware.
  • Exploit mobile applications in use.
  • Find weak or unprotected Web APIs.
  • Assess attack surface and cloud infrastructure/ services.

IoT Training

IoT Security Training

for Builders, Operators, and Defenders

Our progressive training covers the full spectrum of IoT software assurance, from security design best practices to defensive coding and protecting infrastructure. We also have coverage for related technologies like Blockchain, Mobile, API, and the Cloud.

Fix your Skill, Technology and Process Gaps!

Unrivaled IoT Expertise

Our strong crypto, embedded, communication protocol, and software analysis skills are put to the test on set-top boxes, personal entertainment devices, and transactional kiosks.

We’ve conducted assessments for a variety of IoT systems, including:

  • Tablets that interface with a power grid.
  • Sprinkler systems.
  • Cloud-based printers.
  • Point of Sale (PoS) and breathalyzers devices.
  • PLC and mobile phone firmware drivers.
  • Thales Hardware Security Module (HSM).
  • Information kiosks.
  • Wireless interfaces and OBD port for a connected motorcycle platform.

Geoff Vaughan, Principal Security Engineer

IoT Center of Excellence (CoE) Lead

Geoff Vaughan

Security Engineer Manager

Geoff is an Application & IT Security expert helping companies secure software and devices throughout all stages of development. He specializes in finding exploitable vulnerabilities in software applications as well as reverse engineering binaries to locate vulnerable code.