Udemy
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
Turn what you know into an opportunity and reach millions around the world.
Learn More
Your cart is empty.
Keep shopping
Securing IoT: From Security to Practical Pentesting on IoT
Rating: 3.7 out of 5(104 ratings)
632 students

Securing IoT: From Security to Practical Pentesting on IoT

Learn about Systems, Security architecture and perform IoT penetration testing with industry-specific tools
Last updated 4/2019
English

What you'll learn

  • Learn current security issues related to the IoT and common security architectures.
  • Identify Threats, Vulnerabilities, and Risks.
  • Incorporating privacy controls into the new IoT systems designs.
  • Discuss privacy regulations and standards that apply to secure IoT systems and keeping stakeholder information private.
  • In-depth exploration of privacy challenges and mitigations for the IoT.
  • Perform Gateway Penetration Testing on VyOS by hacking the gateway and its services.
  • Implement Wireless Penetration Testing on your Google wireless device.
  • Perform Endpoint Penetration Testing on Client Servers and Machines like Amazon echo, tp -link device and software firewalls like Comodo and private eye.
  • Pentest your Android devices with Android Studio.

Course content

2 sections53 lectures4h 57m total length
  • The Course Overview1:18

    This video will give you an overview about the course.

  • Case Study: Connected and Self-driving Vehicles8:59

    The aim of this video is to study about connected and self-driving vehicles.

    • Explore the types of connected vehicles

    • Learn about threats to the connected vehicles

    • Learn what is Security Credential Management System

  • Case Study: Microgrids4:38

    This video is a case study on Microgrids.

    • Get to know what a Microgrid is

    • Explore the Rise of Cyber Physical Systems

    • Get an understanding on security threats to CPS

  • Case Study: Smart City Drone Systems6:33

    This video is a case study of Smart City Drone Systems.

    • Study about Drone system challenges

    • Learn about the threats to drone systems

    • Get a brief understanding of drone system Operational Security Goals

  • IoT Hardware and Software7:57

    The aim of this video is to study about IoT connected components.

    • Learn about the IoT technology stack

    • Make the use of cryptographic hardware

    • Learn about RTOS

  • IoT Communication and Messaging Protocols7:32

    The aim of this video is to learn about IoT communication and messaging protocols.

    • Know more about Wireless Sensor Networks

    • Study the various communication protocols

    • Explore Bluetooth communication

  • IoT Interfaces and Services7:17

    The aim of this video is to learn about various IoT interfaces and services.

    • Learn the Fog Reference Architecture

    • Study AWS and Azure Cloud Services in brief

  • Threats, Vulnerabilities and Risks6:20

    The aim of this video is to discuss in deep about threats, vulnerabilities, and risks.

    • Learn about the pillars of Information Assurance

    • Study about the various threat actors

  • Case Study: The Mirai Botnet Opens up Pandora's Box6:59

    The aim of this video is to study about the Mirai Botnet attack.

    • Learn about the Mirai Botnets attack on Dyn

    • Study about DDoS attack

    • Study about how the Botnet devices are compromised

  • Today's Attack Vectors11:33

    The aim of this video is to study about various IoT attack vectors.

    • Study about the attack on Lockstate

    • Study about OWSAP testing guidelines

    • Study about various ways your devices can be protected

  • Current IoT Security Regulations5:54

    The aim of this video is to study about the current state of IoT security regulations.

    • Study about the primary focus of Legislation to secure IoT devices

    • Study about the Cybersecurity requirements given by the European Commission

    • Study about the FDA Postmarket CyberSecurity Guidance

  • Current IoT Privacy Regulations6:37

    The aim of this video is to learn about the current state of IoT privacy regulations.

    • Study about the EU Article 29 Data Protection Working Party Opinion on the IoT

    • Study about GDPR, privacy and the IoT

    • Study about European ePrivacy Regulation

  • An Introduction to IoT Security Architectures7:39

    The aim of this video is to study the concept of IoT Security Architecture.

    • Study about the various components of Security Architecture

    • Study about the IoT Enterprise System

    • Study the concepts of IoT Security Architecture

  • What is Threat Modeling7:19

    The aim of this video is to study the concept of threat modeling.

    • Study about what is threat modeling

    • Learn about the threat modeling process

    • Define the various threat actors

  • Identifying Assets3:28

    The aim of this video is to identify the various assets that could be included in our smart parking garage system.

    • Study about information assets

    • Study about the asset table

  • Creating a System Architecture4:29

    The aim of this video is to study the various technologies used in creating a system architecture.

    • Study about the system architecture

    • Study about Smart Parking System

    • Learn about the parking system process

  • Documenting Threats5:16

    The aim of this video is to study how to document threats to your IoT system.

    • Study the different types of threats

    • Learn about examining threats

    • Learn about documenting threats

  • Rating Threats5:01

    The aim of this video is to study how to rate threats.

    • Learn how to examine and assign score to a threat

    • Rate the smart parking threats

    • Take actions based on the types of threats

  • IoT Privacy Concerns11:08

    The aim of this video is to examine privacy challenges associated with the IoT.

    • Study the various types of privacy concerns

    • The need for anonymity

    • Study about the DIJ drones

  • Privacy by Design (PbD)5:42

    The aim of this video is to study about ways to embed privacy into the design.

    • Study about the various privacy by Design Principles

    • Analyze privacy impacts

    • Study how to verify your IoT privacy objectives

  • Conducting a Privacy Impact Assessment (PIA)7:43

    The aim of this video is to study the various activities that should be undertaken when conducting a privacy impact.

    • Study the Privacy Impact Assessment Process

    • Study about map PII elements to security controls

    • Study the various Data Retention Policies

  • Case Study: The Connected Barbie5:54

    The aim of this video is to study about the real world example of Connected Barbie.

    • Study about the various privacy considerations with connected products

    • Classification of collected information

    • Study the use of collected information

  • Test Your Knowledge

Requirements

  • Basic pentesting knowledge is necessary for this course.

Description

The Internet of things is the network of physical objects or things embedded with electronics, software, sensors, and network connectivity which enables these objects to collect and exchange data whereas IoT Pentesting is much like taking a battering ram to the door of a fortress. You keep pounding away but try to find a secret backdoor to enter through.

With this practically oriented course, you will first start with deep dive into common IoT components and technologies to protect your systems and devices. Then you will explore some common IoT use cases across Industries for connected vehicles, microgrids and enterprise drone systems, along with this you will also be focusing on threats to IoT systems, attack vectors, current security regulations, and standards and common security architectures. Moving on, you will learn how to perform pentesting on advanced IoT Devices including Amazon Eco, Logitech Cameras, the Google Nexus phone, Vyos Gateways, TP-Link Smart Switches, and firewalls to ensure that the hardware devices and the software are free of any security loopholes.

Contents and Overview

This training program includes 2 complete courses, carefully chosen to give you the most comprehensive training possible.

The first course, Fundamentals of IoT Security will cover fundamental aspects of the Internet of Things, to include a review of use cases across various industries, we will discuss common IoT components and technologies to provide a baseline understanding of the systems and devices that you need to protect. We will also review common security architectures that can be applied to IoT systems, and discusses regulations and standards that apply to secure IoT systems. We will study of IOT components such as the IoT (hardware, real-time operating systems (RTOS), Application Programming Interfaces (APIs), messaging and communication protocols and backend services. We will discuss threats to IoT systems, attack vectors, current security regulations, and standards and common security architectures. We will examine Privacy by Design (PbD) principles and walk through an example Privacy Impact Assessment (PIA). By the end of this course, you will understand the fundamentals of IoT systems and IoT security and be able to identify threats and required mitigations to their own IoT systems.

The second course, Hands-On IoT Penetration Testing begins with the IoT device architecture to help you understand the most common vulnerabilities. You'll explore networks, sniffing out vulnerabilities while also ensuring that the hardware devices and the software running on them are free of any security loopholes. Moving on, you will learn how to perform pentesting on advanced IoT Devices including Amazon Eco, Logitech Cameras, the Google Nexus phone, Vyos Gateways, TP-Link Smart Switches, and firewalls. By the end of the course, you will be able to create IoT pentesting reports. After completion of the course, you will be able to penetrate even the most densely populated IoT networks.

About the Authors:

  • Brian Russell is a chief engineer focused on cybersecurity solutions for Leidos. He oversees the design and development of security solutions and the implementation of privacy and trust controls for customers, with a focus on securing the Internet of Things (IoT). Brian leads efforts that include security engineering for Unmanned Aircraft Systems (UAS) and connected vehicles and development security systems, including high assurance cryptographic key management systems. He has 16 years of information security experience. He serves as chair of the Cloud Security Alliance (CSA) Internet of Things (IoT) Working Group, and as a member of the Federal Communications Commission (FCC) Technological Advisory Council (TAC) Cybersecurity Working Group. Brian also volunteers in support of the Center for Internet Security (CIS) 20 Critical Security Controls Editorial Panel and the Securing Smart Cities (SSC) Initiative


  • Sunil Gupta is a certified ethical hacker. Currently, he teaches 45,000+ students online in 150+ countries. He is a specialist in ethical hacking and cybersecurity.

    His strengths lie in vulnerability assessment, penetration testing, intrusion detection, risk identification, data analysis, reporting, and briefing.

Who this course is for:

  • This course is for IoT product managers, software and systems engineering managers, IT security professionals, IoT developers, pentesters, and security professionals who are willing to learn the unique characteristics and challenges of IoT system security.