IoT
5/7/2018
08:00 PM
50%
50%

10 Lessons From an IoT Demo Lab

The Demo Lab at InteropITX 2018 was all about IoT and the traffic - legitimate and malicious - it adds to an enterprise network.
Previous
1 of 11
Next

(Image: Curtis Franklin, Jr. for Dark Reading

(Image: Curtis Franklin, Jr. for Dark Reading

Success in the enterprise Internet Of Things (IoT) is about connecting devices, securing, monitoring, and managing the processes in an intelligent way. It is, to a great extent, far more about the process than about any given technology, and security must be built into both the processes and each piece of technology used.

Significant opportunities are emerging for enterprises to create new and innovative processes around products and services, both on the enterprise premises and in the cloud. IoT has now developed to the point at which it has begun to disrupt many traditional manufacturing industries with new service propositions and has created new expectations and relationships with customers. Each of these processes, devices, and relationships must be secured and managed if it's to be successful.

As with any architecture built on a network, interoperability between IoT systems is critical. At InteropITX in Las Vegas, the Demo Showcase team provided practical demonstrations of some of the issues surrounding IoT. By design, the team utilized concepts discussed in the conference tracks of Security, Infrastructure, and Data Analytics. At each station and demonstration, members of Interop ITX’s volunteer engineering team explained the technology and process of putting it in the field, and led discussions with attendees individually and in small groups.

(Image: Curtis Franklin, Jr. for Dark Reading

 

Curtis Franklin Jr. is Senior Editor at Dark Reading. In this role he focuses on product and technology coverage for the publication. In addition he works on audio and video programming for Dark Reading and contributes to activities at Interop ITX, Black Hat, INsecurity, and ... View Full Bio

Previous
1 of 11
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
New Mexico Man Sentenced on DDoS, Gun Charges
Dark Reading Staff 5/18/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11354
PUBLISHED: 2018-05-22
In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.
CVE-2018-11355
PUBLISHED: 2018-05-22
In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.
CVE-2018-11356
PUBLISHED: 2018-05-22
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record.
CVE-2018-11357
PUBLISHED: 2018-05-22
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.
CVE-2018-11358
PUBLISHED: 2018-05-22
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup.