Secur’s Security Assessment provides full visibility into the actual state of signalling protection for SS7, Diameter, GTP. Test how well your security is performing and see what risks are lurking.
By knowing which attacks are successful, Secur’s Security Assessment is the key for building a management process to handle signalling vulnerabilities and keep your network and subscribers safe.
As part of our gateway security audit, we review your URL filtering, data leak prevention, and malware code detection tools and processes. We make sure the web gateway you are using fulfills all security compliance requirements relevant to your business.
We also conduct internet penetration testing with the aid of a variety of pen-testing tools and web application firewalls (WAFs). Our tests can be tailored to your IT environment and specific needs, and include blind tests, double-blind tests, and targeted tests.
We also conduct Signalling System 7 (SS7) security assessments to check if the defenses you have in place adequately address threats such as subscriber information disclosure, network information disclosure, fraud and denial of service (DoS) attacks.
GSM network security usually involves checking the client’s mobile network for data and voice interception and eavesdropping attacks to make sure there is no unauthorized usage of the service. As part of our security review, we check your GSM security solution for weaknesses and configuration errors with a particular focus on access control, authentication, encryption, and location confidentiality.
The switch to LTE in mobile wireless technology has also introduced new vulnerabilities in mobile networks while taking care of some security concerns. The focus on the data and 4G means a flatter network architecture, which increases the number of security issues. Our LTE architecture audit focuses on confidentiality protection for user traffic, defenses against jamming attacks, vulnerabilities in the OAM network, and security analysis of IMS.
Major threats to Telecom Security usually fall into the following categories:
- Phone Fraud – Toll Fraud, Cramming, Telemarketing fraud, War dialing and so on
- Theft – Data theft, network abuse, illegal data interception, unauthorized data modification (in billing or routing based processes)
- Malware – Viruses, trojan horse
- Spam – Sending Spam messages via SMS, MMS
- Denial of Service attacks – Request flooding, DoS attacks against network infrastructure.
- Data leakage – Penetrating billing and CRM systems to extract customer data