Whether network connected or standalone, firmware is the center of controlling any embedded device. As such, it is crucial to understand how firmware can be manipulated to perform unauthorized functions and potentially cripple the supporting ecosystem’s security. This presentation will provide an overview of how to get started with performing security testing and reverse engineering of firmware leveraging the OWASP Firmware Security Testing Methodology (FSTM) as guidance when embarking on an upcoming assessment.