Given the threat environment, a single vulnerability in an internet-connected device can lead to a quick compromise. Even when established security processes are in place, it is easy for vulnerabilities to sneak through. Development teams may have introduced a buffer overflow vulnerability in their software. They may have failed to store cryptographic keys in hardware. They may have allocated unnecessarily high privileges to user accounts, or failed to protect firmware with cryptographic signatures.
The security processes described in this chapter can put a development team on the right path towards identifying specific threats to their products. Once threats are identified, engineers can select and prioritize security controls to mitigate them.
At the same time, developers should be using automated security analysis tools to evaluate product firmware and identify vulnerabilities that must be mitigated, as discussed in Chapter 3, Approaches to Secure Development.