Our experience

Since 2007 involved with Kamailio as core developer and member of the management board

Senior IT Manager and product manager experience

Deep IT Infrastructure, IT Security and Project Management knowledge

Infrastructure hosted in Germany with high security and data privacy standards

Attacks on Voice over IP software

It gets easier for attacker to exploit bugs in VoIP software because of the increasing software complexity. This can cause critical disruptions in service availability.

It can creates regulatory risks (e.g. critical infrastructure security regulations). Customer or company data security can also be affected.

Kamailio offers a wide range of core functionality and contains over 200 modules to extend its features.

It can be challenging to secure your Kamailio infrastructure against attacks during strict project and maintenance schedules.

Security assessment

We offer an external security assessments to protect and harden your infrastructure against attackers. Our advanced security testing can effectively find security relevant bugs.

Kamailio check

An in-depth check of the Kamailio configuration and the used software modules for potential issues.

Extensive test

Software test with an extensive test suite for known errors and unknown security vulnerabilities with fuzzing.

Test automation

Automatic creation and test of millions of input data sets with a custom test suite and advanced fuzzing software.

Advanced Fuzzing

Fuzzing is an automated software testing method that involves providing invalid, unexpected, or random data as inputs to a software.

Advanced detection

Detection of bugs that are really difficult or impossible to find with manual or structured testing.

Error evaluation

Monitoring of the test object for exceptions such as crashes, failing built-in self-tests or for finding potential memory leaks. Errors are collected and evaluated for their criticality.

Our approach

Our security assessment is usually structured like this:

  1. Initial communication
  2. Definition of your goals
  3. Session to understand the scope and environment
  4. Proposal which includes: goals, methodology, deliverables and offer
  5. Establish communication contacts and time line
  6. Secure transfer of custom assets for the assessment
  7. Test execution, information after urgent critical findings
  8. Result delivery: executive summary and technical report with details
  9. Discussion of results

Your benefit

We provide a service with a standardized and proven approach. You benefit from the low overhead setup, structured results and effective communication.

Standard service

We provide a security assessment service with a standardized and proven approach.

Low overhead

Low overhead setup, structured results and effective communication.

Concentrate on your business

Concentrate on projects to grow your business.

Protected infrastructure

Dedicated and protected testing infrastructure with a proven software stack.

Extensive report

Executive summary and technical report, including details on security findings and steps to reproduce them.

Results

Improved security of your special or custom Kamailio modules and configuration.

Interested in protecting your Kamailio infrastructure?

We are looking forward to speak with you!

Please contact us here