[OWASP IoT Project] Manufacturer vs Developer recommendations

Ehsan Foroughi ehsan at securitycompass.com
Thu Jun 11 10:43:06 UTC 2015


It does. Thanks

Ehsan Foroughi
Director of Product Management | M.Sc., CISSP, CISM
Security Compass

p:  +1 (888) 777-2211  x111
m: +1 (416) 732-1743

www.securitycompass.com<http://www.securitycompass.com/> | www.sdelements.com<http://sdelements.com/>

From: Daniel Miessler <daniel.miessler at owasp.org<mailto:daniel.miessler at owasp.org>>
Date: Thursday, June 11, 2015 at 3:18 AM
To: Ehsan Foroughi <ehsan at securitycompass.com<mailto:ehsan at securitycompass.com>>
Cc: "owasp_internet_of_things_top_ten_project at lists.owasp.org<mailto:owasp_internet_of_things_top_ten_project at lists.owasp.org>" <owasp_internet_of_things_top_ten_project at lists.owasp.org<mailto:owasp_internet_of_things_top_ten_project at lists.owasp.org>>
Subject: Re: [OWASP IoT Project] Manufacturer vs Developer recommendations


On Jun 9, 2015, at 3:38 PM, Ehsan Foroughi <ehsan at securitycompass.com<mailto:ehsan at securitycompass.com>> wrote:

What is the purpose of having a distinct Manufacturer vs Developer recommendation?
I was checking out:
Manufacturer IoT Security Guidance - https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project#tab=Manufacturers
vs
Developer IoT Security Guidance - https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project#tab=Developers

I feel a close to 100% overlap there and a lot of redundancy.

Hi Eshan,

I think this is a great point, and we were on the fence about it as well.

Basically, we broke it down as developers being just one person, or a small group, and manufacturers being large organizations. But you’re absolutely right, and I think we might just remove the Developer tab and keep that information in the Manufacturer one.

Does that make sense to you?

[cid:BA900F74-2E63-4E64-BAFB-5F096DA39D1A at danielmiessler.lan]

Daniel Miessler
OWASP IoT Project Leader
Daniel.Miessler at owasp.org<mailto:Daniel.Miessler at owasp.org>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_internet_of_things_top_ten_project/attachments/20150611/0001e409/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: DanielSignature.png
Type: image/png
Size: 3798 bytes
Desc: DanielSignature.png
URL: <http://lists.owasp.org/pipermail/owasp_internet_of_things_top_ten_project/attachments/20150611/0001e409/attachment-0001.png>


More information about the Owasp_internet_of_things_top_ten_project mailing list