[OWASP IoT Project] Manufacturer vs Developer recommendations

Daniel Miessler daniel.miessler at owasp.org
Thu Jun 11 07:18:04 UTC 2015


> On Jun 9, 2015, at 3:38 PM, Ehsan Foroughi <ehsan at securitycompass.com> wrote:
> 
> What is the purpose of having a distinct Manufacturer vs Developer recommendation?
> I was checking out:
> Manufacturer IoT Security Guidance - https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project#tab=Manufacturers <https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project#tab=Manufacturers>
> vs
> Developer IoT Security Guidance - https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project#tab=Developers <https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project#tab=Developers>
> 
> I feel a close to 100% overlap there and a lot of redundancy.

Hi Eshan,

I think this is a great point, and we were on the fence about it as well.

Basically, we broke it down as developers being just one person, or a small group, and manufacturers being large organizations. But you’re absolutely right, and I think we might just remove the Developer tab and keep that information in the Manufacturer one.

Does that make sense to you?



Daniel Miessler
OWASP IoT Project Leader
Daniel.Miessler at owasp.org <mailto:Daniel.Miessler at owasp.org> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_internet_of_things_top_ten_project/attachments/20150611/a871496f/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: DanielSignature.png
Type: image/png
Size: 3798 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp_internet_of_things_top_ten_project/attachments/20150611/a871496f/attachment.png>


More information about the Owasp_internet_of_things_top_ten_project mailing list