Listen and subscribe to our new podcast! Tripwire’s cybersecurity podcast features 20-minute conversations with the people who protect people from cyber threats. Hosted by Tripwire’s VP of Product Management and Strategy, Tim Erlin, each episode brings on a new guest to explore the evolving threat landscape, technology trends, and cybersecurity best practices.

Listen on Google Play Music

Spotify: https://open.spotify.com/episode/5wXKv9DiQjfsZNf6heXg67
Stitcher: https://www.stitcher.com/podcast/the-tripwire-cybersecurity-podcast
RSS: https://tripwire.libsyn.com/rss
YouTube: https://www.youtube.com/playlist?list=PLgTfY3TXF9YKE9pUKp57pGSTaapTLpvC3

The following is an edited excerpt from a recent episode of Tripwire’s Cybersecurity Podcast.

 

Tim Erlin: Welcome to Tripwire’s Cybersecurity Podcast. I am Tim Erlin, VP of product management and strategy at Tripwire. Today I am joined by Craig Young, principal security researcher with the Vulnerability and Exposure Research Team at Tripwire. Welcome, Craig.

Craig Young: Thank you, Tim

A MQTT Primer

TE: Today we’re going to look at MQTT. Craig, why don’t you just start by telling us what MQTT is and why are we talking about it?

CY: Sure. MQTT is a very lightweight messaging protocol that allows entities of different types that have different network connections to talk to each other but without having to maintain direct communication links. So the MQTT broker here is actually going to be directing messages between publishers and subscribers.

One way you can kind of think about this as like a TV broadcast scenario. So with the TV broadcast, you’ve got TV stations who are putting out content in MQTT. They would be publishing content, and this data gets out there for anybody to receive it who wants to tune in or subscribe to the right channel—or in MQTT terminology, it would be a topic.

But it also goes beyond that because unlike a TV broadcast, anybody that’s participating on this network can commonly just feed (Read more...)