Home
/
Blog
/
Product news

A database for Telecom Vulnerabilities

P1 VKB: Telecom vulnerability database with 2,000+ vulnerabilities. Ideal for operators, vendors, regulators. Features visualizations, email alerts, and expert chat support.

Product news
May 18, 2022
A database for Telecom Vulnerabilities

What is the VKB?

P1 Vulnerability Knowledge Base (aka the VKB) is a telecom dedicated database of the vulnerabilities detected and reported through the use of P1 Security software PTA, PTF and PTM or through P1 Security expert consulting findings and P1 Security Labs research.

Just like any other IT equipment which has vulnerabilities, telecom networks from 2G/3G to LTE, IMS and 5G, and telecom protocols, especially signaling protocols like SS7/SIGTRAN, GTP-C, Diameter and HTTP/2, have their own specific vulnerabilities. The VKB database is dedicated to these kinds of vulnerabilities, with 2,000+ vulnerabilities already featured in the VKB.

The Vulnerability Knowledge Base provides detailed information and analysis on vulnerability intelligence. It is both comprehensive and actionable, presenting knowledge and insight about the latest security vulnerabilities and their associated weaknesses. VKB brings a comprehensive and exhaustive list of vulnerabilities in a single easy-to-consume interface ideal for security analysts and threat hunters.

Who is concerned by the VKB?

Telecom mobile operators (MNOs, MVNOs, Carriers…), equipment vendors, telecom regulators, are all concerned with the risks and vulnerabilities featured and detailed in the VKB.

VKB features

VKB Dashboard and Reporting

Leverage insightful visualizations on vulnerabilities and weaknesses, including their threat context, to improve vulnerability management processes. Users can view dashboards and reports to predict and analyze data. This helps in mitigating any future vulnerability issues.

Tag Cluster browsing is used as a way of categorizing the vulnerabilities, it allows for specific protocol search with impact rating and risks of vulnerabilities. It helps know the root cause of vulnerabilities.

VKB Email Notifications

  • We help you be prepared for any critical vulnerabilities to the system. Every month we monitor and notify users via email that describes new vulnerabilities and their impact.
  • This helps in staying up-to-date with the latest security researches and vulnerabilities by providing regular updates about them.
  • This proactive step helps in identifying any issues beforehand to avoid any major disasters to the system.

Additional features

  • SCAS Specification list of vulnerabilities
  • SCAS is a set of specifications for security features that are defined.
  • The Security Assurance Specification (SCAS) is the document containing the security requirements for a network product class and the associated test cases.

Helps the VKB users to properly implement their networks.

  • Vulnerability vocabularies
  • A collection of terms, definitions and abbreviations related to the content of P1 VKB.
  • The terms, definitions and abbreviations are either imported from existing documentation (ETSI, ITU, 3GPP or elsewhere) or newly created by P1 Security experts whenever the need for precise vocabulary was identified.
  • VKB Maps
  • An intuitive way to browse through the VKB, using network diagrams. It allows you to quickly find whatever it is that you are looking for, fast and easy to use.
  • VKB Chat
  • Have a question about your VKB product? Our experts in VKB Chat are ready to help from 9:00AM to 6:00PM CET, Monday through Friday. This is the perfect support system for VKB users who want to connect & discuss their difficulties and receive personal advice from one of our experts in real time.

VKB Value and Benefits

Mobile protocol vulnerabilities are a major security threat. Fix these telecom vulnerabilities before they can be exploited by hackers using different search methods.

Discover all the details of mobile protocol security and learn how to protect yourself from the latest vulnerabilities.

Keep your organization protected with our SaaS delivered via Standard web browser.

With monthly updates to cover new threats, this database is always up-to-date. We’ve also included detailed security recommendations for quick fixes and long-term security measures for these protocols.

How to access the VKB?

Free “walkthrough” account

Upon request and after careful validation of your position inside the telecom security ecosystem, P1 Security may provide you a 3 months free “walkthrough” access to the VKB.

  • Dedicated access to a couple dozen vulnerabilities
  • Access to protocol matrices

Do you need a VKB subscription?

Contact us at presales@p1sec.com!

Summary
Titre H2
Titre H3
Download our whitepaper

LTE Pwnage: Hacking HLR/HSS and MME Core Network Elements

By clicking download you confirm that you accept our terms and conditions.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Be informed

SS7 Attacker Heaven turns into Riot: How to make Nation-State and Intelligence Attackers’ lives much harder on mobile networks

By clicking download you confirm that you accept our terms and conditions.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Towards Harmonization: Mapping EU Telecom Security Regulations and their evolution

By clicking download you confirm that you accept our terms and conditions.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
News & investors info

Our latest news

All our news
Product news

New Press Release - P1 Security Reboots with Bold New Vision and Ambition

Press Release from P1 Security about their renewed vision and ambition for mobile network security
Learn more
Research

[Release] QC Super v2

QCSuper is a tool which enables, for research purposes, to capture the contents of radio communication exchanges between your phone's antenna and your Mobile Operator's radio network (RAN). QCSuper has enabled many telecom, mobile and security researchers to perform an analysis of the radio packets (frames) through saving these to the Packet Capture File format (PCAP, with GSMTAP encapsulation) and enabling to use the great Wireshark tool to conduct analysis and research.
Learn more
Research

5G SUPI, SUCI and ECIES

P1 Security breaks down the 3GPP definition of a subscriber’s identity protection scheme, for 5G networks.
Learn more
View all
let’s talk

We are eager to discuss your mobile network security topics. Please reach out.

Contact us
Join the team