PROJECT OVERVIEW
ExposedIoT is a project that combines a public exposure awareness dashboard
with a privacy-first thick client (local scanner). The project was developed to bridge a common gap for
home users and SMEs: many people rely on internet access and smart devices, yet have limited visibility
of what is on their network, what services those devices expose, and what “normal” exposure looks like at
internet scale.
The dashboard provides a global visualisation of internet-exposed services that are commonly associated
with IoT and insecure configurations. It presents trends derived from a defined exposure query and focuses
on classified categories where possible, helping users interpret the results as risk signals rather than
raw data. The thick client complements this by assessing the user’s own local environment, identifying
devices and common services on the LAN, and translating findings into practical guidance.
Together, the two components support a simple management workflow: improve awareness of exposure patterns,
verify local assets, and prioritise mitigation. This approach emphasises user control over assets and encourages
better security hygiene without requiring enterprise tooling.
DATA SOURCES & WHAT THE NUMBERS MEAN
- Internet exposure trends:
The dashboard uses Shodan to estimate how often certain device services are exposed on the public internet.
These services are commonly linked to smart devices and misconfigurations (for example cameras, remote access services, printers, and IoT messaging).
The TOTAL EXPOSED IOT (EST.) figure is an estimate of how many public systems match this dashboard’s exposure definition.
It is a helpful trend indicator over time, but it should not be interpreted as the total number of all IoT devices on the internet.
The map shows a small sample for visualisation rather than a complete list.
- Vulnerability awareness:
The CVE panel uses the National Vulnerability Database (NVD) to show recently published security issues that may affect IoT and embedded technologies.
Results are filtered using keyword and vendor matching to keep the list relevant.
CVEs are shown to support awareness and prioritisation, not as proof that a device is exploited.
HOW TO READ THE METRICS
- Total exposed (est.): Shodan match count for the dashboard query.
- Exposed by country: Country facet distribution for the same query.
- Top category share: The largest Shodan facet bucket shown as a share of total query matches.
- Most exposed services: Top ports (facet counts) returned by Shodan for the query.
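The four metrics above, worked through as an added example (not ExposedIoT's own code). It assumes the `{"total", "facets"}` shape of a Shodan count result; the sample values, the function names and the use of `product` as the category facet are constructed for illustration.

```python
# Added example: derive the dashboard-style metrics from a Shodan count response.
# SAMPLE is constructed data in the {"total", "facets"} shape of a Shodan
# count result; using "product" as the category facet is an assumption.
SAMPLE = {
    "total": 1000,
    "facets": {
        "country": [{"value": "US", "count": 400}, {"value": "DE", "count": 150}],
        "port": [{"value": 554, "count": 500}, {"value": 1883, "count": 200},
                 {"value": 23, "count": 100}],
        "product": [{"value": "ExampleCam httpd", "count": 250},
                    {"value": "ExampleMQTT", "count": 50}],
    },
}


def share(count, total):
    """Percentage of total query matches; 0.0 when the query matched nothing."""
    return round(100.0 * count / total, 1) if total else 0.0


def summarise(resp, category_facet="product", top_ports=3):
    total = int(resp.get("total", 0))
    facets = resp.get("facets", {})
    countries = {b["value"]: b["count"] for b in facets.get("country", [])}
    # Facets are top-N lists, so buckets rarely sum to the total. Keep the
    # remainder visible instead of letting the listed countries look complete.
    unlisted = max(total - sum(countries.values()), 0)
    ports = sorted(facets.get("port", []), key=lambda b: b["count"], reverse=True)
    top = max(facets.get(category_facet, []), key=lambda b: b["count"], default=None)
    return {
        "total_exposed_est": total,
        "exposed_by_country": countries,
        "unlisted_country_matches": unlisted,
        "most_exposed_services": [(b["value"], b["count"]) for b in ports[:top_ports]],
        # Share is taken against total matches, not the sum of visible buckets.
        "top_category": top["value"] if top else None,
        "top_category_share_pct": share(top["count"], total) if top else 0.0,
    }


if __name__ == "__main__":
    import json
    print(json.dumps(summarise(SAMPLE), indent=2))
```

Because facet buckets are truncated, dividing by the sum of the visible buckets instead of the total would overstate the top category share.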
RESPONSIBLE USE
- The dashboard does not exploit systems or scan user networks. It visualises aggregated exposure intelligence.
- Map markers are a limited sample used for visualisation; they are not a complete listing.
- The thick client (scanner) is intended for local network assessment with a restricted “safe list” of ports.
THICK CLIENT (SCANNER)
The local scanner is under development. It will discover devices on the user’s LAN, check a limited safe list
of ports, generate a user-friendly remediation guide, and export a SOC-friendly JSON report.
Download will be enabled once the installer is available.