IPVM will shortly be releasing a cybersecurity tool. This is your chance to get early access to it and give us your input on how it works and what you want.
If you provide feedback to us, we will pay you $20.
The tool itself should be simple to use so it will not take much time and you might learn something about your video surveillance device's security.
Submit Your Interest In Being An IPVM Cybersecurity Tool Beta User
Any questions, let us know in the comments.
We already have 10 responses in the first 10 minutes, good to see!
Also, one person asked about declining payment. That's fine. We do want to offer since you are providing value to us and we want to recognize that.
Also, one person asked about declining payment. That's fine.
Most integrators already spend a decent amount of time being unpaid and mostly unwitting “beta-testers” ;)
Lol, yes. Sometimes people even become have to pay for the privilege of testing unknowingly unreleased products :)
Interesting one John! I believe we're just getting started on the Cyber tidal wave and there will be much opportunity for Integrators that adopt this new paradigm shift. I believe that in short order the end user will ask Integrators (and manufacturers) what are you cyber specs prior to your hardware specs.
Oh and I also look forward to learning more about your new Cyber tool.
Cheers!
David, the cyber specs topic is an interesting one since it's hard to specify cybersecurity since a key component is the absence of issues (e.g., vulnerabilities or backdoors) which is fundamentally harder to prove / list.
Yes, it would be interesting to try this tool, and see how it could be applied to other Security systems.
I would definitely be interested in this. Sign me up!!
Update: We have 65 responses so far, thanks! We won't need everyone but we will be reaching out to a few dozen people next week. Thanks again!
Update: We are going to email ~20 people today with the beta version. Look for an email from Ryan Ace. Thanks.
If you don't receive an email, we may send out some more tomorrow or Monday. Thanks again for your interest.
The first round of beta invitations have been sent. If you received an invitation and have questions, please email ryan@ipvm.com.
Was this what you demo'd at ISC West?
Yes, this is the same vulnerability scanner we were demonstrating at ISC West.
What does the cybersecurity tool do?
It is an IP scanner, purpose built to discover vulnerable surveillance equipment. It currently scans and detects vulnerable equipment from:
When vulnerable equipment is discovered the scanner lists out the devices with a link to related vulnerability report on IPVM.
Yes please
I already gave feedback to IPVM on this but let me give some feedback here as well.
The application works well on both Apple and Windows. I was surprised to see an Apple application, this is great because it's what I use! Thank you guys for that.
I also tested on Windows 7 Pro and saw no issues.
I found some really interesting results. I have several cameras from Hikvision laying around, as most of you know they all run pretty much the same firmware as long as they're in the same series. So I put a few on of each different firmware. Some were found to be vulnerable, some were not.
When the final version of this comes out we're going to scan all of our customer's networks when the techs are on-site and see what we find.
Like the camera calculator, I think this is going to be a great tool and see a lot of potential for it.
is it a pen-test tool or what is the purpose?
Yes, but only for the physical security devices. It is testing for some of the known vulnerabilities which are documented here. It can scan public facing security devices and security devices on the same network as the device running the scan. It sends a request, which is one of the commands used to determine vulnerability, then uses the response code from the device to determine if the device is vulnerable, then sorts it out by manufacturer.
Below is a screen shot of our vulnerability test network scan. The scanner identified 4 cameras that have vulnerable firmware and provides links to the IPVM reports about each of the vulnerabilities.
Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.
