WoTT Security Blog Musings, thoughts, ideas, releases on security
Open Source Security audit checklist for linux systems By Al Esmail on October 04, 2019 We so often hear from developers that they don’t need to worry about cyber security because they’re too small to be targeted or because they trust their service providers to take care of it for them. Sound like someone you know? Well, let’s start with a quick synopsis of recent cloud failures... Continue reading
The significance of mTLS and why you should care about it By Nikoletta Triantafyllopoulou on September 09, 2019 Introduction Security in the IoT industry should also include the devices and not only the network or the cloud. Secure device management is all about machine identities and mTLS. Let us have a closer look at what mTLS does and why it is an essential parameter of IoT security. What is mTLS?... Continue reading
IoT Encryption Failures and how to avoid them By Nikoletta Triantafyllopoulou on August 28, 2019 IoT encryption failures and how to avoid them Introduction The stories of misconfigured security systems leading to leaks of client data are common. Take for example the Equifax data breach back in 2017. The vulnerability was detected with a great delay due to expired certificates. According to Venafi The device inspecting encrypted... Continue reading
The Future of IoT By Nikoletta Triantafyllopoulou on August 16, 2019 The Future of IoT Introduction The Future of IoT is both fascinating and challenging. As the number of connected devices is expected to triple by 2025, there are many significant questions and issues rising. Such as what does this mean for the Industry? What implications does this create? To start with, security... Continue reading
IoT Security Issues and Challenges By Nikoletta Triantafyllopoulou on August 12, 2019 IoT Security Issues and Challenges IoT Security issues are quite a challenge for this burgeoning industry. There is a growing number of devices, applications and systems which turn to IoT. This helps them to upscale their efficiency and their services and to make life easier for users. So let us take a... Continue reading
Why open source solutions are critical for IoT By Al Esmail on June 25, 2019 TL;DR IoT needs one ring to rule them all and it’s not a platform. In my last post, I described the relevance of open source security. For very different reasons, I will argue here that the internet of things (and cyber-physical systems in general) are in desperate need of open source software... Continue reading
Why open source is critical for InfoSec By Al Esmail on June 24, 2019 TL;DR Proprietary security is a fresh cow pie hiding in the tall grass. Figure 1 - How I imagine decision fatigued CTOs see the world when speaking to proprietary security vendors. Can you spot the cow pie? In a previous post, I advocated for the merits of DevSecOps and shift left security.... Continue reading
Why shift-left security is relevant for IoT By Al Esmail on June 23, 2019 TL;DR Cyber is best handled by developers with big, bulging…brains. Figure 1 - Cyber is sexier than a Harvard trained, Academy Award winning actress. In our first blog post, I articulated that we are strong proponents of shift-left security. The idea that security should be incorporated as early as possible during application... Continue reading
WoTT secures the Internet of Things By Al Esmail on June 22, 2019 TL;DR It’s Let’s Encrypt for IoT - you know you want it. Figure 1 - If the web can have it, why can’t IoT? In my first blog post, I articulated why we do what we do at WoTT. Namely, that security is a necessary condition for a future involving advanced cyber-physical... Continue reading
Subscribe to our newsletter