This course provides an overview of and guidance for threats to IoT web interfaces, including overexposed ports, vulnerable default passwords, account enumeration, multiple authentication attempts, cross-site scripting, cross-site request forgery, SQL injection, and command injection.
On successful completion of this course, learners will understand secure coding best practices for IoT web interfaces, including how to defend against:
- Overexposed ports
- Vulnerable default passwords
- Account enumeration
- Multiple authentication attempts
- Cross-site scripting
- Cross-site request forgery
- SQL injection
- Command injection
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.