The global system of connected devices, the Web of Things, is anywhere. As technology evolves, so do the amount of apparatus connected to the cloud. The FOW Community forecasts that there will be between 26 and 212 billion apparatus on the Internet by 2020. From auto navigation into your new fridge, retail POS to a building's climate control, all these embedded systems, while complicated, are often under attack from hackers, so do you damage, to steal your information, to utilize your devices as a gateway in your network, or other misdeeds. The capacity to transfer information over a cloud based system has changed how we do business. Whilst the IoT may be flexible and scalable, using the cloud to share information is dangerous as hackers find opportunities to wreak havoc. The increasing vulnerabilities of transmitting information over cloud based infrastructures is inducing designers, developers, and safety experts real concern as they fight to maintain these interconnected systems safe. The same goes for IT infrastructure and security experts. To figure out in which the next data exposure may happen, you have to consider your adversary, conduct threat modelling exercises where you attempt to imagine and mimic an external opportunist may exploit your devices. Assume management - Chrysler famously needed to plug a safety hole that hackers might use to take control of their vehicles, even while they're in movement. Destroy the device, or its information - Whether information or property, this is a serious breach. Denial of service - Floods a system, creating a functionality log jam. Falsify or steal data - A significant role of IoT devices is to acquire data from smart sensors, adversaries might want that data, or might want so falsify the sensor reports so cover up other stuff which they're doing. Indirect attack - Hackers leverage one type of device so worm their way in another part of your system. These are all typical threats so consider as you plan strategies so improve system safety. The concept of networking things is a fairly new idea, but a lot of the things themselves need been around a while and can be based on out-of-date embedded operating software. Just adding connectivity so those things without which makes them more robust and secure is courting trouble. Allowing engineers the resources they need so develop secure code will add safety to your new product. Application Defense - The best defense is also a great offense, ensure you've security protocols at all stages in the development stage, including your use of 3rd party embedded code. Device Defense - Basics include password protection, protocols, and patching. Dynamic Application Security Testing - DAST tests for weaknesses when the application is live, attempting a personal attack through automation during development.