P1 Security offers unique Product Security Review (PSR) of telecom and network equipment, from legacy SS7 and SIGTRAN Network Elements up to current ATCA LTE systems.

As P1 Security VKB shows, our teams have a unique capability with auditing in depth in telecom signaling protocols.

Product Vulnerability Research

P1 Security teams usually use for PVR audit missions a combination of Reverse Engineering, Fuzzing, hostile attack techniques, Fault Injection and Code Audit (if available) to find vulnerabilities.

As a differentiating factor from other traditional security consulting firms, our teams are unique in their familiarity with telecom protocols and equipments.

Such familiarity enable them to know and practice the business risks associated with these vulnerabilities enabling them to actually find vulnerabilities in business processes that other auditors do not find.

Equipment covered

So far, P1 Security has engaged with the following equipment and equipments vendors:

  • ACME packet
  • Acision
  • ALU
  • Apertio
  • Ceragon
  • Cisco
  • ECT
  • Ericsson
  • Kineto
  • Huawei
  • Motorola
  • NEC
  • NSN
  • Opencode
  • Starrent
  • Tekelec
  • Ubiquisys
  • ZTE
With such extensive coverage over GGSNs, SGSNs, HLRs, MSCs, INs, VAS, MMEs, HSS, PDN GWs, SeGWs, SGWs, STP, Routers, MPLS Switches; P1 Security has a unique methodology and skill set to guarantee unparalleled coverage of your network element vulnerabilities.

Network Element VKB Applicability Study

With NE VKB Applicability Study, P1 Security auditors take existing vulnerabilities from VKB and audit a specific network element for applicability of these vulnerabilities. It is usually performed on Test Bed either of P1 Security or of the operator. Optionally, this Network Element can be virtualized by P1 Security so that it’s later tested within P1 Security’s testbed.
This audit is a short, hands on human audit where P1 Security qualifies all existing vulnerabilities in our VKB and verifies its applicability on a new Network Element.
This enables operators and vendors to qualify the basic level of vulnerability of any network element.
NE VKB Applicability Study can be then followed by full PSR/PVR service when the Network Element is critical (MSC, HLR/HSS, MME, S-GW, CSCF etc.).

Security UAT

Security User Acceptance Test are becoming a leading best practice in the industry, especially with the arrival of new technologies. This is now an opportunity for operators to enforce better security management and security testing of their equipment.
For example in a typical network, setting up a LTE network with the LTE SAE EPC and the LTE eUTRAN mandates the testing of the Ericsson, Huawei or NSN eNodeB, the eUTRAN aggregation network equipment such as Cisco, Alcatel and Ciena routers and optical network switches, and the Ericsson or Huawei core network elements such as the HSS, the SPR, the MME, the PCRF and the S-GW and PDN-GW.
Ask P1 Security experts, we’ve done this repeatedly and therefore we know already what’s out there and can speed up these Security UAT.

TCNE1 Product Security Certification

P1 Security is one of the first security company to achieve the TCNE1 Certified Auditor for TCERT Network Element Certification program. TCNE1 is a tougher set of security requirement based on TCERT workgroup effort, in compliance with 3GPP SECAM Security recommendation.