In this episode of SearchSecurity's Risk & Repeat podcast, Tod Beardsley and Rebekah Brown of Rapid7 talk about the IoT threat landscape and improving IoT device security.
In the wake of growing security issues around the internet of things, Rapid7 is venturing into the complicated world of IoT threats.
At Rapid7's recent United 2016 customer conference in Boston, the cybersecurity vendor introduced a new security practice specifically designed to address IoT threats. The practice includes consulting and assessment services, such as penetration testing, and vulnerability analysis for IoT devices, as well as related applications, firmware, APIs and other components.
At United 2016, SearchSecurity site editor Peter Loshin spoke with Tod Beardsley, senior security research manager at Rapid7, and Rebekah Brown, threat intelligence lead at Rapid7, about the issue of IoT device security and what can be done to address the threats and vulnerabilities facing enterprises.
How serious are IoT threats like the Mirai botnet? What can be done about connected devices that weren't designed to be updated? How much responsibility is on users to change default passwords versus the manufacturers who designed the devices? Brown and Beardsley discuss those topics, as well as issues such as responsible vulnerability disclosure, the role of security analytics and their personal experiences with pen testing and incident response.
Listen to the interview with Rapid7's Brown and Beardsley in the latest episode of SearchSecurity's Risk & Repeat podcast.
Risk & Repeat: What do the Rule 41 changes mean for cybersecurity?
Risk & Repeat: New Yahoo data breach details emerge
Risk & Repeat: The debate over a Windows zero-day disclosure