Little & Big Things. Massive Threats.
On top of the usual threats to IT networks,applications, and cloud services, IoTdevices create an expanded, distributed attack surface.
To stayahead of threats, our IoT Center of Excellenceconducts ongoing research on chipsets, Real-Time OSs(RTOS), and deployment platforms for all connected“things” – from medical devices to robotics andconsumer electronics.
We use this expertise to help clients like Honeywell,Qualcomm, Citgo, and Motorola reduce risk through security-focused design, testing, and training.
Full Stack Security Analysis
At the physical, communications, and software layer
These methodical assessments help determine if attackers can bypassauthentication controls, program devices, or tamper with data.
- Review architecture and create threat models
- Attack the physical device and extract firmware
- Exploit mobile applications in use
- Find weak or unprotected Web APIs
- Assess attack surface and cloud infrastructure/services
IoT Security Training
for Builders, Operators and Defenders
Our progressive training covers the full spectrum of IoTsoftware assurance, from security design best practices todefensive coding and protecting infrastructure. We also have coverage for related technologies like Blockchain, Mobile, API, and the Cloud.
Unrivaled IoT Expertise
Our strong crypto, embedded, communication protocol,and software analysis skills are put tothe test on set-top boxes, personalentertainment devices, andtransactional kiosks.
We’ve conducted assessments for avariety of IoT systems, including:
- Tablet that interfaces with a power grid
- Sprinkler systems
- Cloud-based printers
- Point of Sale (PoS) and breathalyzers devices
- PLC and mobile phone firmware drivers
- Thales Hardware Security Module(HSM)
- Information kiosks
- Wireless interfaces and OBD port for a connected motorcycle platform
IoT Center of Excellence (CoE) Lead
Geoff Vaughan
Security Engineer Manager
Geoff is an Application & IT Security expert helping companies secure software and devices throughout all stages of development. He specializes in finding exploitable vulnerabilities in software applications as well as reverse engineering binaries to locate vulnerable code.