Connected devices, smart devices or more commonly known as the “Internet of Things”.

Call it what you want, but we call it a serious threat to your home and business. IOT devices can be a dangerous entry point into your network and home should any security vulnerabilities be discovered.

Commonly Hacked Devices

Networking

Networking

Network devices such as routers, WiFi access points, firewalls and VPN’s are some of the most commonly exploited IOT devices.

Voice Controllers

Voice Controllers

Do you know who is listening into your private conversations? Hopefully no one, but without a security audit who knows!

Webcams

Webcams

Foreign hackers love to spy on people via their webcams. As a result, the risk of “sextortion” and other invasive crimes are a serious threat.

Smart Locks

Smart Locks

Imagine a scenario where someone hacks the lock on your front door to gain access to your home. It’s a scary thought, but we can help address it.

Smart Lights

Smart Lights

Don’t get left in the dark because of security flaws. Smart lights often have points of entry that could allow someone into your network.

Smart TV's

Smart TVs

Behind every smart TV is an OS that is often left exposed to the internet. We can help you get a clearer picture of what threats are lurking within.

IOT Security Benefits

Just like our software penetration testing services, the ultimate goal of auditing your IOT device is to stay ahead of the bad guys and keep your customers safe. An IOT security audit is an absolute must because the last thing your company needs is to mass produce an insecure device! Some of the main benefits include:

  • Peace of mind knowing that your IOT device is protected against security vulnerabilities and free of backdoors from rogue developers.
  • Protect your brand and reputation from embarrassment should your device ever be compromised.
  • Have a third party expert opinion on where your security stands and address any shortcomings.
  • Stay compliant with the various regulatory requirements of PCI-DSS, ISO 27001, HIPAA, SOX, etc.
  • Avoid costly lawsuits and Government fines should any sensitive data fall into the wrong hands.
  • Save time and money from not having to investigate potential security issues.

Auditing Process

A. When we perform an IOT security audit, the very first thing we do is familiarize ourselves with your device. It’s important that we have a solid foundation of what your device is about and how everything is expected to work. We’ll interact with your device and treat it as if we were a real user, playing around with everything and making mental notes and observations as we go.

Auditing Process

B. Once we are familiar with your device, we begin the process of mapping out every single feature into a detailed checklist. The checklist is basically a glorified flow chart and we follow it with precision to ensure that nothing is overlooked.

C. Using the checklist as our guide, we test every feature for a list of security vulnerabilities. As we work our way down the checklist, anything of concern is marked and we always indicate what types of security vulnerabilities were tested for each feature.

It’s important to note that all of our security testing is done by hand. We do reference OWASP testing practices and may run source code through automated vulnerability scanners, but only after our manual security test is performed.

D. After we have finished our testing, an audit report is prepared that contains the checklist, an itemized list of any security vulnerabilities found and detailed Proof of Concepts to allow your developer(s) the ability to recreate everything.

We also discuss general hardening advice, things that can be done to improve the overall security of your product. If any non-security bugs were found we always mention them as well. Our goal is to not only perform a security audit but also provide valuable QA feedback.

E. When we are completely done everything, the audit report will be sent to you in convenient PDF format. Our security analysts will be made available to discuss the audit report and ensure that you are satisfied and any followup questions are answered.

Why RACK911 Labs

Reputation

Reputation

RACK911 Labs is one of the most respected security firms. We have found hundreds of security flaws using our cutting edge vulnerability research.

Affordable

Affordable

Our security services are some of the most affordable out there. We even offer monthly payment plans to accommodate most budgets.

Manual Testing

Manual Testing

Every security test is performed manually using real world scenarios with the goal of not just thinking like a hacker, but outsmarting them.

Confidential

Confidential

All interaction with us is held to the highest level of confidentiality. Whether you use our services or not, we will never discuss with a third party.

Clear Reports

Clear Reports

All of our security tests include an easy to follow Audit Report to help you understand the security flaws found and how they should be fixed.

Ongoing Support

Ongoing Support

We’re here to help! Whether you have questions or need ongoing security contracts to test every release, we have affordable plans for all of that.