IoT Penetration Testing
Depending on what industry you are in -
Smart Home Automation
Medical / Healthcare
Industrial Control Systems
Wearable
Energy/Utility
Automotive
Retail
Enterprise IoT
Attify can provide you with tailored penetration testing services that fulfill your requirements.
Attify's specialized subject-matter experts will help uncover vulnerabilities in your product which you would typically miss in your testing.
WHEN SHOULD YOU CONDUCT A PENTEST?
As early as possible.
However, Attify can work with you at all the different stages of your product life cycle:
Planning and pre-development phase
Helping you design a secure architecture
Integrating continuous IoT security testing in your DevOps cycle
Recommending best practices for developers to follow
During development
Iteratively assess your solution for security issues
Continuous Secure code review
Involving security as part of an automated process
Post-development and post-shipping
Conducting pentests for all major releases
Managing the security program and interacting with external researchers
Patch management and security updates recommendations
Our approach to pentesting
Attify offers complete security assessment and penetration testing through our unique offering of Attacker Simulated Exploitation for IoT solutions.
This involves our security researchers compromising your system and devices with an attacker’s mindset, thus revealing any possible security holes that might lead to a security breach of your IoT device.
In most cases, even though devices share similar types of vulnerabilities, we often devote our time to unique ways of exploitation, and to things such as combining two less critical vulnerabilities to result in a major compromise.
THE INITIAL CALL
Attify is extremely selective in deciding whom to work with, and we only work with clients to whom we believe we can provide enormous value.
This is why the initial call is important. Some of the topics that we cover during the call are:
Scope of the penetration testing engagement
Your biggest fears regarding the security of your solution
Your organization's current security posture
An explanation of our penetration testing methodology for your product
Expected time duration and financials
Since each company is unique, we want to serve you in the way that gets you the best results, instead of serving a generalized pentest offering.
WHAT KIND OF COMPANIES DO WE WORK WITH?
We work with all kinds of companies, the most common being VC-backed startups and businesses entering the IoT space.
We like working with organizations where security is given importance rather than just being a mandate.
INTERESTED?
Reach out to us using the contact form below.
We have decided to make our pricing for engagements transparent so that, instead of spending time negotiating back and forth, we can focus on the engagement.
Components involved
A typical IoT penetration test (Attacker Simulated Exploitation) would involve the following components:
Attack Surface Mapping
Our entire team spends 1-2 days performing an in-depth Attack Surface Map of your solution.
In this stage, we prepare a highly detailed architecture diagram highlighting all the possible entry points for a dedicated malicious attacker.
Firmware reverse engineering and binary exploitation
Reverse engineering firmware binaries
Encryption analysis and Obfuscation techniques in use
3rd party libraries and SDKs
Binary reverse engineering and exploitation
Debugging binaries to gain sensitive info
Hardware based exploitation
Assessing hardware communication protocols such as UART, SPI, I2C etc.
JTAG debugging and exploitation
Logic sniffing and bus tampering
Dumping sensitive information and firmware
Proprietary communication protocol reversing
Tampering protection mechanisms
Glitching and Side-Channel attacks
Security features included in the hardware
Web, Mobile and Cloud vulnerabilities
Vulnerabilities in the web dashboard - XSS, Injection based attacks, IDOR, Authorization and Authentication bugs and more
Mobile application security issues identification and exploitation for Android and iOS - Platform related security issues, App reversing, Binary instrumentation techniques to gain sensitive information etc.
API based security issues
Cloud-based vulnerabilities and vulnerabilities in the backend systems
Radio security analysis
Assessment of radio communication protocols
Sniffing the radio packets being transmitted and received
Modifying and replaying the packets for device takeover attacks
Jamming based attacks
Accessing the encryption key through various techniques
Radio communication reversing for proprietary protocols
Attacking protocol specific vulnerabilities
Exploiting communication protocols such as BLE, ZigBee, 6LoWPAN, Z-Wave, LoRa etc. through insecurities and vulnerable implementations
PII data security analysis (optional)
Ensuring that customers' data is kept to the highest security standards
Ensuring that no PII is being leaked through any channels - web, mobile, hardware or radio
Additional assessment of data at rest and data in transit
Providing you with a PII report
Report preparation
Preparing an in-depth report including technical details, a non-technical summary and an executive summary
Providing you with all the scripts, Proof of Concepts, exploitation techniques, demos or code snippets that were created during the engagement
Categorizing the vulnerabilities based on criticality for your given product and user use-case scenario
Re-assessment
Once the bugs have been patched, we perform an in-depth reassessment to ensure that the bugs have been fixed securely
Also checking that the patches did not introduce any additional vulnerabilities
Certification
Attify provides you with an IoT Secure Product certification after the completion of the reassessment, which signifies that a thorough penetration test was performed by Attify and the product is now secure.
Want to see how an attacker can compromise your IoT product?
We'll show you how and help you fix the security issues to create a safer and more secure product which your users would love.