The Open Web Application Security Project (OWASP) has launched the OWASP Internet of Things Top Ten Project to help vendors who are interested in making common appliances and gadgets network/Internet accessible.
The project walks through the top ten iot security problems that are seen with IoT devices, and how to prevent them. OWASP has identified those top 10 problems as being:
- 1 Insecure Web Interface
- 2 Insufficient Authentication/Authorization
- 3 Insecure Network Services
- 4 Lack of Transport Encryption
- 5 Privacy Concerns
- 6 Insecure Cloud Interface
- 7 Insecure Mobile Interface
- 8 Insufficient Security Configurability
- 9 Insecure Software/Firmware
- 10 Poor Physical Security
The OWASP Foundation came online on December 1st 2001 it was established as a not-for-profit charitable organisation in the United States on April 21, 2004. OWASP is an international organiswation and the OWASP Foundation supports OWASP efforts around the world. OWASP is an open community dedicated to enabling organisations to conceive, develop, acquire, operate and maintain applications that can be trusted.
All of the OWASP tools, documents, forums and chapters are free and open to anyone interested in improving application security. The organisation advocates approaching application security as a people, process and technology problem because, it says “the most effective approaches to application security include improvements in all of these areas.”
OWASP claims to be a new kind of organisation. “Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security,” it says.
OWASP is not affiliated with any technology company. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative and open way. The OWASP Foundation is a not-for-profit entity created to ensure the project’s long-term success.