Securing the Internet of Things (IoT) – Through Security Research and Vulnerability Analysis

You must be logged in to view selected exclusive Video content. Register your free account today here !

Session Abstract:

IoT now permeates daily life – from homes, to automobiles, and even personal health – and is expected to grow to over 25 billion devices by 2020. We struggle to balance technology usability and convenience, while still maintaining some semblance of security. To help achieve that balance, in come the good guys, “The Security Researchers”! In this presentation, we will dive into the world of IoT security research and the processes around analysis and testing of IoT technologies. By evaluating and reviewing various methodologies, we will illustrate effective IoT security testing using a holistic approach that focuses on the entire ecosystem of an IoT solution, including: hardware, mobile, and cloud environments – leaving no stone unturned. To complete the process, we will discuss how working with IoT manufacturers we resolve and mitigate discovered security issues and ethically disclose findings.


Deral Heiland CISSP,
Research Lead IoT at Rapid7

Deral Heiland CISSP, serves as a Research Lead for Rapid7. Deral has over 20 years of experience in the Information Technology field, and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 8+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also conducted security research on a numerous technical subject, releasing white papers, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, Hackcon Norway, Hack In Paris. Deral has been interviewed by and quoted by several media outlets and publications including Bloomberg UTV, MIT Technical Review, MSNBC, SC Magazine, Threat Post and The Register.

Session Tags:

End-User, Government, Enterprise

Security, Risk, Cloud, Mobile, Embedded

Technical, Operations


Manufacturing, Industrials, Consumer, Automotive

Join our IoT Community at

IoT Grand Slam Virtual Internet of Things Conference

IoT Slam Internet of Things Conference, Bryson Koehler