Organized by security consulting and research firm Independent Security Evaluators (ISE), IoT Village™ delivers thought leadership advocating for security advancements in Internet of Things (IoT) devices. The village consists of workshops on hacking numerous off-the-shelf devices (e.g. medical devices, home appliances, routers, and storage devices), live educational talks and a variety of contests. IoT Village's™ contests are brought to you by SOHOpelessly Broken™, the first-ever router hacking contest at DEF CON, which delivered 15 new 0-day vulnerabilities to the research community.

Want to help, get updates or just show your interest?

Get Involved

Upcoming Event Schedule

= Village and/or Contest Appearances =

Event Activities Date
ToorCon at The Westin San Diego, CA CTF Oct. 15-16, 2016
BSidesDC at the Renaissance in DC Village CTF Oct. 22-23, 2016
RSA Moscone Center San Francisco, CA IoT Sandbox Feb. 13-17, 2017
CypherCon DiscoveryWorld, Milwaukee, WI Village CTF March 30-31, 2017
BSidesCharm Convention Center Baltimore, MD Village CTF April 29-30, 2017
HackerLab Engine-4 Bayamón, Puerto Rico CTF May 20, 2017
DEF CON Caesar's Las Vegas, NV Village Talks & Contests July 27-30, 2017
DerbyCon 7.0 Louisville Kentucky CTF Sept. 2017

RSA Conference 2017

= Talks and Slides =

DEF CON 24 2016

= Workshops & Presentations =

Bronze room 4 & 3

= Presentation | = workshop | = Talk

Friday, August 5, 2016

Topic Presenter Time
Exploiting a Smart Fridge: a Case Study in Kinetic Cyber Kevin Cooper 10:10 am
KEYNOTE Paul Dant 11:30 am
FCC 5G/IoT Security Policy Objectives Rear Admiral (ret.) David Simpson, FCC, Bureau Chief 12:10 pm
Picking Bluetooth Low Energy Locks from a Quarter Mile Away Anthony Rose 2:00 pm
Live Drone RF Reverse Engineering Marc Newlin, Matt Knight, Bastille Networks 5:00 pm

Saturday, August 6, 2016

Topic Presenter Time
Hot Wheels: Hacking Electronic Wheelchairs Stephen Chavez and Specter 10:10 am
How the Smart-City becomes Stupid Denis Makrushin, Vladimir Daschenko, Kaspersky Lab 12:10 pm
Internet of Thieves (or DIY Persistence) Joseph Needleman 3:30 pm
Thermostat Ransomware and Workshop Ken Munro, Pen Test Partners 5:00 pm

Sunday, August 7, 2016

Topic Presenter Time
0-day Hunting Elvis Collado 10:00 am

= Talks =

Village Talks in Bronze Room 1

Topic Presenter Time
Sense & Avoid: Some laws to know before you break IoT Elizabeth Wharton Friday @ 1:00 pm
BtleJuice: the Bluetooth Smart Man In The Middle Framework Damien Cauquil, Digital Security (CERT-UBIK), Senior Security Researcher Friday @ 3:00 pm
Is Your Internet Light On? Protecting Consumers in the Age of Connected Everything Terrell McSweeny, Federal Trade Commission, Commissioner Friday @ 4:00 pm
SNMP and IoT Devices: Let me Manage that for you Bro! Bertin Bervis Saturday @ 1:00 pm
Reversing and Exploiting Embedded Devices Elvis Collado, Praetorian, Senior Security Researcher Saturday @ 3:00 pm
Tranewreck Jeff Kitson, Trustwave SpiderLabs, Security Researcher Saturday @ 4:00 pm
IoT Defenses - Software, Hardware, Wireless and Cloud Aaron Guzman, Principal Penetration Tester Sunday @ 11:00 am


Call for papers for IoT Village™ is now open! All talks related to IoT security issues are welcome, with special emphasis on any of the following topics:

  • Internet of Things - Show us how secure (or unsecure) IP-enabled embedded systems are. Routers, network storage systems, cameras, HVAC systems, refrigerators, medical devices, smart cars, smart home technology, and TVs. If it is IP enabled, we're interested.

  • Vulnerabilities and Remediation - Show us the what 0-days, exploits, or vuln you’ve found in an IoT device and then how the security flaw can be fixed. It great to pull off a hack, but how do we fix it going forward.

  • Demonstrable Research - Present attacks that result in mechanical operation of the device's physical functionality. Can you make the device move, smoke, light up, emit sound, manipulate a screen readout, or any other visibly evident manifestation of the exploit?

  • Healthcare & IoT - Demonstrate or discuss how IoT devices are impacting the realm of healthcare, including but not limited to patient health and hospital security. Travel, Hospitality, and IoT - Analyze how IoT is impacting the travel & hospitality industry, guest safety, and the connected hotel room.

  • IoT Device Management – Discuss best practices for deploying and building security into IoT devices.

We encourage responsible disclosure.

Submit Here



The so-called Internet of Things (IoT) is undergoing massive adoption. From locks and thermostats to televisions and refrigerators, many devices that have traditionally delivered analog functionality are rapidly gaining Wi-Fi connectivity and connecting to cloud-based, command-and-control centers for remote control and monitoring functionality. Some of these devices are built with security in mind, while others are simply analog devices with communication capabilities slapped on. The security and privacy implications introduced by any security vulnerabilities in these connected devices are tremendous.

To be at the forefront of addressing and minimizing these issues, we organized the first-ever IoT hacking village at DEF CON 23. That was a follow-up to the massively popular SOHOpelessly Broken™ router hacking contest, which debuted at DEF CON 22 and contributed 15 new 0-day discoveries to the research community, we hope to educate participants and the community about security vulnerabilities in these widely deployed devices and, in turn, shift toward better security in the IoT category.

Responsive image


= Zero-Day Track =

We encourage you to BYOT!

The Zero-Day track is focused on the discovery and demonstration of real exploits (i.e., 0-day vulnerabilities). This track relies on the judging of newly discovered, real attacks against devices within the Internet of Things. Details

This is an opportunity for contestants to bring in their own IoT devices and demonstrate exploits to our panel. Contestants will need to provide proof that they disclosed the vulnerability to the vendor.

= CTF Track =

This is an at-con capture the flag style contest where contestants will be pitted against 15+ off-the-shelf SOHO routers and IoT devices, hardened, but with known vulnerabilities. Contestants must identify weaknesses and exploit these devices to gain control. Pop as many as you can over the weekend to win cash and gift cards. Details

Get Connected



We put on multiple events throughout the year, and you can be part of them! We have thousands of attendees and always make a big splash. Focusing on brand exposure, community engagement, press, parties, and thought-leadership, we seek to provide a VIP-sponsorship experience for our partners. Email us at contact@securityevaluators.com to request a sponsorship pack and see how you can get involved.

= Organizer =