Practical IoT security Workshop
RCCE students will learn Internet of Things security covering smart device vulnerabilities, IoT protocol analysis (MQTT, CoAP, Zigbee, Z-Wave), firmware security assessment, IoT network segmentation, and cloud-connected device risk management. RCCE students will learn to assess IoT device security posture, identify common IoT vulnerabilities including default credentials, insecure update mechanisms, unencrypted communications, and insufficient access controls. The course covers IoT-specific threat modeling, secure IoT deployment architectures, monitoring IoT device behavior for anomalies, and responding to incidents involving compromised IoT devices in enterprise and industrial environments. This practice-intensive course emphasizes applied skills through lab exercises, real-world scenarios, and production-realistic workflows. Building on core knowledge, RCCE students will learn by doing, building muscle memory and practical confidence through repeated hands-on engagement. Students complete exercises that mirror actual workplace tasks, ensuring skills transfer directly to their professional roles.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Practical IoT security Workshop
- Execute hands-on tasks for learning objectives — covering IoT device security posture.
- Execute hands-on tasks for the iot landscape in 2025
- Execute hands-on tasks for lack basic patching
- Execute hands-on tasks for consumer iot categories — covering Healthcare: medical devices, patient monitors.
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for device layer
- Execute hands-on tasks for network layer
- Execute hands-on tasks for platform layer
- Execute hands-on tasks for application layer
- Execute hands-on tasks for device attacks — covering Physical.
- Execute hands-on tasks for network attacks — covering Protocol fuzzing.
- Execute hands-on tasks for platform attacks — covering API exploitation.
| Module 01 | Learning Objectives |
| Module 02 | The IoT Landscape in 2025 |
| Module 03 | Lack Basic Patching |
| Module 04 | Consumer IoT Categories |
| Module 05 | IoT Architecture & Attack Surface |
| Module 06 | Device Layer |
| Module 07 | Network Layer |
| Module 08 | Platform Layer |
| Module 09 | Application Layer |
| Module 10 | Device Attacks |
| Module 11 | Network Attacks |
| Module 12 | Platform Attacks |
| Module 13 | Application Attacks |
| Module 14 | Key Takeaway |
All hands-on labs run on Rocheston Rose X OS. Students practice practical iot security workshop by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for learning objectives
- Lab 2: Execute hands-on tasks for the iot landscape in 2025
- Lab 3: Execute hands-on tasks for lack basic patching
- Lab 4: Execute hands-on tasks for consumer iot categories
- Lab 5: Design a scalable privilege management architecture with policy and enforcement
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Practical IoT security Workshop, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI