Join us as Larry Pesce, Finite State Product Security Research and Analysis Director, provides practical insights into overcoming SBOM generation challenges and enhancing security in the IoT ecosystem.

SBOMs are critical for transparency and security in IoT devices, particularly in vulnerability management. In this session, we will dig into an example of the challenges faced with the Davolink Bob the Minion WiFi router, where restricted firmware requires an unconventional SBOM generation approach.

Join this session to learn about hardware hacking techniques, such as disassembling the router and using SPI flash interfaces to extract the firmware, which is then analyzed for vulnerabilities for reporting to Davolink.

These findings underscore the need for improved security practices and transparency in IoT device manufacturing.