Telecom Security Consulting
Telecom security is an unknown and difficult problem, requiring the knowledge of traditional IP network security (Internet, Intranet, VPNs) and the specific security of Telecom Networks. P1 Security operates in telecom environment to deliver strong security expertise to Mobile Operators, Carriers, SMS providers, VAS partners, VoIP providers and triple-play ISPs.
Telecom Penetration Testing
With a strong expertise on heterogeneous telecom, enterprise-class or ISP-class networks and heavy security requirements contexts, P1 Security focuses on Telecom-related Penetration Testing (SS7, Core Network, SIGTRAN, IN, RNC, Node B, UTRAN, AAL-ATM underlying network, LIG, Interco STP).
Mobile & Network Platform Reverse Engineering
High-level and Low-level reverse engineering. Our team can work on the whole product chain from infrastructure equipment and systems to to Mobiles, Embedded devices, SIMs, Smart-card, ASIC and FPGA hardware reverse engineering.
Vulnerability Research & Reverse Engineering
P1 Security conduct vulnerability analysis in binary-only closed-source products and clear-box source-level software. Our team is capable of attacking a range of software from various environment including Windows, Unix, Web Applications (PHP, ASP, J2EE, Rails, Django, .Net, CF, Facebook apps, widgets, Web 2.0 AJAX sites), Embedded systems (VxWorks, Symbian, iPhone, Android, embedded linux, SIM STK), micro-controllers (PIC, ATmel, 80xx, MSP) and FPGAs.
Crypto Consulting & Cryptanalysis.
Evaluation or design consulting, we help enterprises, manufacturer and operators use and deploy strong crypto. Crypto is not a silver bullet. By using untested crypto libraries, products or solutions, you may still be vulnerable to attacks. By attacking your crypto solution, our experts help you determine the weaknesses of such, either in the design, implementation, deployment or usage.
Security Quality Assurance is a process that needs to be integrated into any engineering process in order to achieve security in a controlled and measurable way. We work with the engineering teams to integrate security into your day to day production. We deploy and conduct Security QA in both operations team (FW, IDS, WAF) and development teams (SQA, Code Reviews, Bug hunts, tracking).
Is the product you’re going to deploy secure? We help operators and enterprises assess the security posture of each equipment, applying industry standard vulnerability analysis as well as our Research Team production in term of vulnerability research and risk assessment.