IBM (X-Force Red)

IoT security requires a multi-layer approach to security through vulnerability discovery and threat hunting. When customers conceptualize and design their IoT products, they should be aware that there are now emerging obligations necessitating the delivery of end-to-end fully secure IoT solutions. • New regulatory compliance requirements for IoT • Data privacy regulations • Industry standards and best practices • Product security certifications IBM X-Force Red offers offensive security services, which include penetration testing of IoT products and the connected infrastructure to uncover and help fix exploitable vulnerabilities before attackers can leverage them. Testing can occur before and after products go to market. X-Force Red evaluates and uncovers high-risk vulnerabilities through hands-on penetration (pen) testing. Testing is performed at the device level, the network layer (RF protocols, mobile device connectivity), and the products cloud, data, and application layers. X-Force Red’s testers are hackers, engineers and developers. They understand the security vulnerabilities that can surface during the design, production, and device life cycle.