Internet of Things (IoT) Testing
LRQA Nettitude routinely works closely with the creators of smart devices in order to provide assurance around the security posture of their devices. Internet of Things (IoT) testing services provide a valuable way to assess the security levels associated with a given connected device.
LRQA Nettitude has extensive experience in Internet of Things (IoT) and assuring:
- Smart devices for domestic usage
- Smart devices for industrial usage
- Smart metering
- Connections for utilities
- Smart devices aimed at the automotive and transport sector
When is Internet of Things (IoT) applicable?
LRQA Nettitude recommends an Internet of Things (IoT) security test is performed for any device that will be connected to a network under normal use. From cameras to toothbrushes, connected devices are actively being targeted by threat actors aiming to:
- Build botnets
- Serve malicious or illegally obtained software
- Compromise individual and corporate privacy
- Details of the motivations and goals for the relevant threats
In particular, devices that are designed to be ‘plug and play‘ should be subject to an Internet of Things (IoT) penetration test; their low barrier to setup often means that they are deployed in suboptimal security configurations. For organizations that produce Internet of Things (IoT) devices and are concerned about their security posture, LRQA Nettitude offers a world-class penetration testing service.
How do LRQA Nettitude Perform an Internet of Things (IoT)?
Compared with more traditional areas of penetration testing Internet of Things (IoT) presents a number of unique challenges. One of the main challenges lies in diversity; varying architectures, communication protocols, coding and operating systems result in almost immeasurable combinations of technology. Therefore, LRQA Nettitude utilises only the most experienced penetration testers for Internet of Things (IoT).
LRQA Nettitude’s security consultants ensure that the full attack surface and all use cases are considered in order to give full levels of assurance. Broadly, an Internet of Things (IoT) test focuses on the following areas:
Hardware Firmware Application Network Encryption
What’s The Output Of An Internet of Things (IoT) Security Test?
Any organization that works with LRQA Nettitude on Internet of Things (IoT) security testing can expect two fully quality-assured reports per engagement. The first is a management report, which is designed to be consumed by a non-technical audience and relays the overall security posture of the target device in terms of risk.
The second is a technical report, which provides in-depth technical detail for each finding, including relevant and actionable remedial advice. Of course, the engagement doesn’t stop there. LRQA Nettitude always encourages a debrief to ensure full comprehension has been achieved. It’s an opportunity to ask absolutely any questions at all. After the debrief, the organization is welcome to stay in touch with LRQA Nettitude and receive top-quality security advice.