OWISAM Top 10
This section identifies the main security risks that currently affect the Wi-Fi networks and whose detection and mitigation should be a priority.
These risks have been defined based on the experience gained in penetration tests on wireless networks and in the analysis of art's Wireless Security state, taking into account the impact that these risks may have on the assets of the organization.
Therefore, a safety review based on OWISAM TOP 10 should be directed to analyze and detect the following:
|OWISAM-TR-001:||Open Wi-Fi communication networks.|
|OWISAM-TR-002:||WEP-based encryption in communication networks.|
|OWISAM-TR-003:||Insecure key generation algorithms (devices, WEP, WPA(2)-PSK and WPS passwords).|
|OWISAM-TR-004:||WEP/WPA/WPA2 dictionary based key.|
|OWISAM-TR-005:||Insecure authentication mechanisms (LEAP, PEAP-MD5 ...)|
|OWISAM-TR-006:||Device with WiFi Protected Setup support active (WPS).|
|OWISAM-TR-007:||Wi-Fi networks not authorized by the organization.|
|OWISAM-TR-008:||Insecure captive portal in Wi-Fi Hotspots.|
|OWISAM-TR-009:||Client trying to connect to insecure networks.|
|OWISAM-TR-010:||Overextended Wi-Fi networks coverage.|