Iot Assessment

Securing the connected world.

We are at the front line of IoT security research & proud owners of expliot.io. We understand the IoT ecosystem inside out. In the last 8+ years, Payatu has performed, security assessment of 100+ IoT product ecosystems.

Extensive/comprehensive testing of all aspects of IoT

  • Physical

    I2C, SPI, UART, GPIO

  • Radio

    Wifi, Bluetooth, GSM, GPRS, GPS (susceptible to radio-based attacks)

  • Remote

    Web application, Web Service, Mobile Application, and Cloud Infrastructure from the Internet.

We have identified eight critical elements of the IoT product ecosystem that needs to be cover during the security assessment/audit process

Our Methodology

Our methodology takes into consideration the industry-wide projects looking at the most commonly vulnerable areas of the application deployments, considering the OWASP top 10 and Web Application Security Consortium.

  • Initial Reconnaissance
  • Meeting with Developer/SME
  • Attack Surface Identification
  • Threat Modeling
  • Protocol Endpoints
  • Cloud Pentest
  • Mobile App Pentest
  • Firmware RE + Vulnerability Analysis
  • Fuzzing Protocol Endpoints
  • Hardware vulnerability analysis
  • Reporting
  • Mitigation Proposal

GET STARTED

Get to know more about our process, methodology & team!

Close the overlay

I am looking for
Please click one!

Latest Blogs See all blog

SEC4ML Part-2: Adversarial Machine Learning attacks
12/07/2020
Card image cap

nikhilj

Intercepting request which requires VPN + socks proxy
12/07/2020
Card image cap

gaurav

IoT Security - Part 10 (Introduction To MQTT Protocol and Security)
26/06/2020
Card image cap

aseem

Latest news See all news

11-July-2020
Webinar, Online

Visit

Munawwar will give security professionals a comprehensive understanding of the ARM Architecture, reversing ARM binaries, exploiting vulnerabilities and the nuances of ARM shellcoding.

21-May-2020
Webinar, Online

Visit

Arun Magesh will be delivering a webinar on Introduction to IoT Reversing Firmware and discussing how to get started with IoT pentesting with hands-on.

25-April-2020
Workshop, Online

Visit

Ashfaq Ansari is conducting a workshop to get you started with kernel vulnerability analysis and exploitation in the Android platform.