As technology advances, it becomes increasingly more entwined within people’s lives. From wearing a smart watch to complete home automation, software and connectivity is everywhere. With this evolving technology, new attack vectors are introduced and wider ranges of connectivity mean that there is a much larger attack surface for those with malicious intent. Up until a couple of years ago, cyber-attacks have largely been associated with hacking performed across the Internet, but moving forward we now need to focus on securing any device that has the ability to perform some type of communications. As of the present date, many of the IoT (“Internet of Things”) type products on the market have inadequate levels of security. When it comes to security testing, we not only need to assess the software, but we need to consider the hardware and communications used to discover the same threats that an attacker might target. The objective of this talk is to provide an understanding of how robust (or not) the current world of IoT really is and how we can use testing throughout development lifecycles to improve the overall security posture. With the IoT there is a lot at stake as computer security intersects with public safety and human life – if we get it wrong we may not get another chance.