Secure IoT Devices by Design

At NeroTeam Security Labs we help organizations and engineering teams build IoT devices secured by design throughout the entire product lifecycle. We help to enhance and strengthen the security of any IoT device from its launch on the market until its end-of-life (EOL) to keep attackers out and build customer trust.

Are my IoT devices secure?
Test a device for free!

Our mission at NeroTeam Security Labs is to help secure IoT devices and ensure customer trust in the brand. We assess various IoT products from routers, cameras, switches, and more by identifying and testing for previously unseen vulnerabilities known as zero-days. Our team has a proven track record of identifying more than 40 zero-day vulnerabilities in IoT devices in 2022.

We not only identify previously unseen zero-day vulnerabilities, but we also help developers remediate the vulnerabilities while providing recommendations to keep the product secure for the long-term while considering multiple perspectives that an attacker could take.

We are a trusted entity that values consumer and organization integrity. No information found will ever be shared anywhere else between the organization and our team directly. Confidentiality and trust is an important pillar of success when reporting and remediating vulnerabilities and we treat this with the utmost importance.

Assessment Remediation Integrity

What Makes IoT Devices Insecure?

IoT devices are vulnerable mostly because they lack the necessary built-in security controls to defend against modern threats. The key reason to this is usually due to a constrained environment and the limited computational capacity of these devices. IoT devices are usually low-power devices, and their feature permit only certain functions to be executed. As a result, they usually cannot withstand the inclusion of security controls and mechanisms and data protection schemes.

Weak, Guessable, or Hardcoded Passwords

Insecure Network Services

Lack of Physical Hardening

Lack of Secure Update Mechanism

Use of Insecure or Outdated Components

Insecure Default Settings

of all IoT device traffic is unencrypted, exposing personal and confidential data on the network.

98%

of IoT devices are used as the medium for malware to spread from users' computers to vulnerable IoT devices on the same network.

72%

of IoT devices are vulnerable to medium or high severity attacks, making IoT devices a low-hanging fruit for attackers.

57%

of attacks exploit device vulnerabilities, as various attacks begin by scanning through network-connected devices in an attempt to exploit known weaknesses.

41%

Top IoT Threats

Threats continue to evolve to target IoT devices using new sophisticated and evasive techniques such as peer-to-peer command and control communications and worm-like features for self-propagation. Coupled with weak device security and network security posture, attackers have many attack avenues to compromise IoT systems.

What we discovered is that while the various vulnerabilities of IoT devices make them easy targets for initial compromise, they are most often used as a stepping stone for lateral movement to attack other systems on the network.

About Us

We are a small team of cyber security experts based in France and Japan with an accumulation of 10 years in Software Development, Penetration Testing, Red Teaming, Reverse Engineering, Security Operations Analysis, and Threat Intelligence who love to test and improve the security of the various IoT products that surround us in our everyday life. Our goal is to provide quality security assessments and recommendations to improve the security of your IoT products.

about nslabs

Our Blog

Offices



Japan 🇯🇵

154-0011,
Sangenjaya (三軒茶屋),
Tokyo (東京都)


France 🇫🇷

42100,
Saint-Étienne,
Auvergne-Rhône-Alpes


Ready to test your IoT device?

Tell us more about yourself and your requirements and we will contact you shortly.