This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Sunday, February 12 • 12:25pm - 12:55pm
Assessing the Embedded Devices On Your Network

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.

Embedded devices (including the so-called Internet of Things) pose unique problems for those responsible for managing and assessing their security.  The devices tend to be less transparent and more tightly integrated than typical software and generally lack the host-based security controls (privilege separation, host firewalls, etc.) found on desktop or server applications.  This talk will cover some of the unique constraints for threat modeling and assessing these devices, then walk through an assessment of a VoIP phone and discuss the issues found there, including potential mitigations that can be applied if a device cannot be updated.


David Tomaschik

David has been breaking software and playing CTFs for years before making security a profession. He currently works on the Security Assessments team at Google, looking at a range of issues from embedded devices to customer-facing products.

Sunday February 12, 2017 12:25pm - 12:55pm