Columbia-based MasterPeace Solutions is working on an open source project to address security vulnerabilities in Internet of Things devices.
osMUD is aimed at protecting internet-connected devices used at homes and small businesses. The project was shared with the National Institute of Standards and Technology’s National Cybersecurity Center of Excellence, which is based in Rockville, according to MasterPeace.
Now, the cybersecurity firm will participate in a consortium that was formed around the effort that looks to bring together bring together device manufacturers, network security companies, and network administrators. Participating organizations include Cable Labs, Cisco, CTIA, Digicert, ForeScout, Global Cyber Alliance, Patton, and Symantec. Each organization will provide code and expertise to the effort. MasterPeace is providing network security engineering and defense operations expertise. The longtime government contractor has previously shown willingness to gather the community in recent years with efforts like an in-house accelerator.
“We believe IoT represents a significant cyber threat. This technology has the potential to expand an organization’s attack surface, merge unmitigated vulnerabilities into an ecosystem, and, in the worst case, facilitate the transformation of digital attacks to physical attacks with severe consequences,” MasterPeace CEO Drew Cohen said via email. “Even with these threats, the IoT market is growing faster than other IT segments. We anticipate that organizations and consumers will start investing in technology that offers protection, and believe that developing cutting edge IoT security technology makes great business sense.”
MUD, short for Manufacturer Usage Description, will provide manufacturers with steps to keep devices from communicating inappropriately. These steps are designed to then help automate security processes.
“MUD will make it possible for manufacturers to define ‘safe’ operating conditions of their devices so that network security capabilities can automatically limit device functionality to appropriate usage, thereby blocking malicious activity,” Cohen said.
Given that the effort is open source, the information will then be freely available.
Before you go...
Please consider supporting Technical.ly to keep our independent journalism strong. Unlike most business-focused media outlets, we don’t have a paywall. Instead, we count on your personal and organizational support.
Join our growing Slack community
Join 5,000 tech professionals and entrepreneurs in our community Slack today!