contact@p1sec.com

A database for Telecom Vulnerabilities

What is the VKB?

P1 Vulnerability Knowledge Base (aka the VKB) is a telecom dedicated database of the vulnerabilities detected and reported through the use of P1 Security software PTA, PTF and PTM or through P1 Security expert consulting findings and P1 Security Labs research.

Just like any other IT equipment which has vulnerabilities, telecom networks from 2G/3G to LTE, IMS and 5G, and telecom protocols, especially signaling protocols like SS7/SIGTRAN, GTP-C, Diameter and HTTP/2, have their own specific vulnerabilities. The VKB database is dedicated to these kinds of vulnerabilities, with 2,000+ vulnerabilities already featured in the VKB.

The Vulnerability Knowledge Base provides detailed information and analysis on vulnerability intelligence. It is both comprehensive and actionable, presenting knowledge and insight about the latest security vulnerabilities and their associated weaknesses. VKB brings a comprehensive and exhaustive list of vulnerabilities in a single easy-to-consume interface ideal for security analysts and threat hunters.

Who is concerned by the VKB?

Telecom mobile operators (MNOs, MVNOs, Carriers…), equipment vendors, telecom regulators, are all concerned with the risks and vulnerabilities featured and detailed in the VKB.

VKB features

VKB Dashboard and Reporting

Leverage insightful visualizations on vulnerabilities and weaknesses, including their threat context, to improve vulnerability management processes. Users can view dashboards and reports to predict and analyze data. This helps in mitigating any future vulnerability issues.

Tag Cluster browsing is used as a way of categorizing the vulnerabilities, it allows for specific protocol search with impact rating and risks of vulnerabilities. It helps know the root cause of vulnerabilities.

VKB Email Notifications

  • We help you be prepared for any critical vulnerabilities to the system. Every month we monitor and notify users via email that describes new vulnerabilities and their impact.
  • This helps in staying up-to-date with the latest security researches and vulnerabilities by providing regular updates about them.
  • This proactive step helps in identifying any issues beforehand to avoid any major disasters to the system.

Additional features

  • SCAS Specification list of vulnerabilities
    • SCAS is a set of specifications for security features that are defined.
    • The Security Assurance Specification (SCAS) is the document containing the security requirements for a network product class and the associated test cases.

Helps the VKB users to properly implement their networks.

  • Vulnerability vocabularies
    • A collection of terms, definitions and abbreviations related to the content of P1 VKB.
    • The terms, definitions and abbreviations are either imported from existing documentation (ETSI, ITU, 3GPP or elsewhere) or newly created by P1 Security experts whenever the need for precise vocabulary was identified.
  • VKB Maps
    • An intuitive way to browse through the VKB, using network diagrams. It allows you to quickly find whatever it is that you are looking for, fast and easy to use.
  • VKB Chat
    • Have a question about your VKB product? Our experts in VKB Chat are ready to help from 9:00AM to 6:00PM CET, Monday through Friday. This is the perfect support system for VKB users who want to connect & discuss their difficulties and receive personal advice from one of our experts in real time.

VKB Value and Benefits

Mobile protocol vulnerabilities are a major security threat. Fix these telecom vulnerabilities before they can be exploited by hackers using different search methods.

Discover all the details of mobile protocol security and learn how to protect yourself from the latest vulnerabilities.

Keep your organization protected with our SaaS delivered via Standard web browser.

With monthly updates to cover new threats, this database is always up-to-date. We’ve also included detailed security recommendations for quick fixes and long-term security measures for these protocols.

How to access the VKB?

Free “walkthrough” account 

Upon request and after careful validation of your position inside the telecom security ecosystem, P1 Security may provide you a 3 months free “walkthrough” access to the VKB.

  • Dedicated access to a couple dozen vulnerabilities
  • Access to protocol matrices

Do you need a VKB subscription?

Contact us at presales@p1sec.com!

About the Author