GOTO Amsterdam is a vendor independent international software development conference with more that 50 top speaker and 500 attendees. The conference covers topics such as Java, Open Source, Agile, Architecture, Design, Web, Cloud, New Languages and Processes.

Presentation: "How We're Failing to Secure the Internet of Things"

Track: Internet of Things / Time: Thursday 13:20 - 14:10 / Location: Glazen Zaal

This presentation will do a deep dive into security research, outcomes, and recommendations for two very different contexts of improperly securing the "Internet of Things".
Discussion of network protocols, iOS reverse engineering, firmware security, cloud APIs, and other technical topics will be presented in a straight-forward manner to help ensure that every attendee walking out will know what avenues lead to failure when designing software for Internet-enabled devices.

Hear first hand about the research Mark has conducted that has exposed critical failures in seemingly secure devices that inadvertently put consumers at risk for compromise of personal data and worse. Mark will also explain a best practices list of what to do if a security research ever contacts you to make sure the process goes as well as possible for your company.

If you're a developer who plans to work on embedded devices (especially with a mobile component) this talk will give you real-world examples of what not to do with your software. Don't make the same mistakes others have as we continue to quickly expand the network of connectivity-centric devices populating our homes, businesses, and pockets.

Download slides

Mark Stanislav, Security Evangelist for Duo Security

Mark Stanislav

Biography: Mark Stanislav

Mark Stanislav is the Security Evangelist for Duo Security. Mark earned his Bachelor of Science Degree in Networking & IT Administration and his Master of Science Degree in Technology Studies, focused on Information Assurance, both from Eastern Michigan University. Mark has spoken at over 75 events nationally on topics including information security, web application development, and system administration. He holds his CISSP, Security+, Linux+, and CCSK certifications.

Twitter: @markstanislav