My lessons learned in automotive Security

Abstract

I will present problems or obstacles that the automotive industry faces when building cars and connected cars.

Outline

I would present insights into how cars are developed from my point of view after 3+ years as a pentester in the automotive industry. Details that were new to me coming from a very software centric view of security, including hardware security. What are the problems that OEMs face coming from a very mechanic industry towards a software centric (cyber physical) industry? What are problems in different markets? There are some things that are different coming from a network and web app pentesting background. The idea was to inform what we do and what might be interesting for you if you were to join this industry. I would in the end get interactive and have an open discussion about expectations of the audience towards manufacturers.

Sebastian Haase

@qobaiashi

Active in the Security industry for 10 years, active in the scene for 20 years. Did kernel exploiting 15 years ago, learned that Web App Pentesting feeds your wallet but not your mind. Currently doing offensive security for an OEM.