WoTT Security Blog Musings, thoughts, ideas, releases on security
Open Source How to Do a CVE Scan of Your Linux System By Al Esmail on November 04, 2019 Introduction Common Vulnerabilities and Exposures (CVE) is a list of publicly known cybersecurity vulnerabilities. Each vulnerability is given a unique CVE number by which it can be identified and referenced. The list can be easily accessed for free online, but wouldn’t it be nice to be automatically notified when you are affected... Continue reading
How to Audit OpenSSH Configuration and Secure It By Mahmoud Fahmy on October 25, 2019 Introduction Required Skill Level: Beginner to Medium Reading Time: 15-20 Minutes In this post, we will review the fundamentals of a secure OpenSSH server. As you probably know the SSH (Secure Shell) is a method to remote login to a server. SSH is usually secure however if used with the default settings,... Continue reading
What is SELinux and Why You Might Want It By Fiona McAllister on October 15, 2019 Introduction Today we’re going to talk about SELinux - Security Enhanced Linux. For the everyday layman SELinux maybe daunting to setup, but is a good introduction into different ways to manage access control to your systems. More and more we give companies our precious data and the onus should be placed on... Continue reading
Security audit checklist for linux systems By Al Esmail on October 04, 2019 We so often hear from developers that they don’t need to worry about cyber security because they’re too small to be targeted or because they trust their service providers to take care of it for them. Sound like someone you know? Well, let’s start with a quick synopsis of recent cloud failures... Continue reading
The significance of mTLS and why you should care about it By Nikoletta Triantafyllopoulou on September 09, 2019 Introduction Security in the IoT industry should also include the devices and not only the network or the cloud. Secure device management is all about machine identities and mTLS. Let us have a closer look at what mTLS does and why it is an essential parameter of IoT security. What is mTLS?... Continue reading
IoT Encryption Failures and how to avoid them By Nikoletta Triantafyllopoulou on August 28, 2019 IoT encryption failures and how to avoid them Introduction The stories of misconfigured security systems leading to leaks of client data are common. Take for example the Equifax data breach back in 2017. The vulnerability was detected with a great delay due to expired certificates. According to Venafi The device inspecting encrypted... Continue reading
The Future of IoT By Nikoletta Triantafyllopoulou on August 16, 2019 The Future of IoT Introduction The Future of IoT is both fascinating and challenging. As the number of connected devices is expected to triple by 2025, there are many significant questions and issues rising. Such as what does this mean for the Industry? What implications does this create? To start with, security... Continue reading
IoT Security Issues and Challenges By Nikoletta Triantafyllopoulou on August 12, 2019 IoT Security Issues and Challenges IoT Security issues are quite a challenge for this burgeoning industry. There is a growing number of devices, applications and systems which turn to IoT. This helps them to upscale their efficiency and their services and to make life easier for users. So let us take a... Continue reading
Using WoTT to Secure a Paho MQTT Client By Fiona McAllister on July 19, 2019 Using WoTT to Secure a Connection from a Paho MQTT Client to an MQTT Server (Mosquitto MQTT Example included) Introduction In a previous example we discussed how to secure connections between an Mosquitto MQTT broker and the Mosquitto client. In that there are several different brokers for an MQTT brokers, there are... Continue reading
Connecting Edge IoT devices with Kubernetes By Viktor Petersson on July 18, 2019 Bridging Edge IoT devices with Kubernetes Required Skill Level: Medium to Expert In my last blog post, we covered how to configure Nginx to use Mutual TLS (mTLS). This illustrated how mTLS can both simplify the back-end, while also make it more secure. In this article, we will take this one step... Continue reading
Subscribe to our newsletter