Signaling Security Assessment

Supported Protocol: M3UA, SCCP, TCAP, MAP, CAP.

Supported testing of the following category defined by GSMA FS 07

  • Category 1 – Message received within the same network.
  • Category 2 – Message received from the inbound roaming.
  • Category 3 – Message received in relation to an outbound roaming.

• Real World Exploitation POC.

Other than GSMA specifications, we are using our custom testing methodologies as well.

Supported Diameter Interfaces: DiameterBase, S6a/S6d, SLh, S6c, and rest 3gpp interfaces.

Supported testing of the following category defined by GSMA FS 19:

  • Category 0 – Detect very simple spoofing attempts
  • Category 1 – Application ID and Command Code screening.
  • Category 2 – Detailed AVP level screening.
  • Category 3 – Examines location and time-based feasibilities.

Real World Exploitation POC.

Other than GSMA specifications, we are using our custom testing methodologies as well.

Supported Protocols: GTPv0, GTPv1, GTPv2.

Supported testing of the following category defined by GSMA FS 20:

  • Category 1 – Looks at the type of message being sent on the individual interface.
  • Category 2 – Messages are from any inbound roamer's home network to the visited network.
  • Category 2 – Detailed AVP level screening.
  • Category 3 – It is from outbound roamers in the visited network to their home network.

Real World Exploitation POC.

Other than GSMA specifications, we are using our custom testing methodologies as well.

Telecom Security Consulting

Network Security Assessment helps in to take preventative measures to safeguard the infrastructure from internal/external unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure.

Our Services include:
  • Methodological testing techniques, a configuration setting, and policy reviews
  • Wireless environment assessment for identifying vulnerabilities and errant configurations validating existing controls and prioritizing high-risk findings and remediation techniques.
  • SS7 & Sigtran Security Assessment and Penetration Testing
  • Diameter Security Assessment and Penetration Testing
  • GRX Security Assessment and Penetration Testing
  • Signalling Firewall Rules Testing
  • Air Interface Assessment and Penetration Testing
  • IPTV Penetration Testing
  • VoLTE and Fixed IMS Penetration Testing
  • FTTH Service Assessment
  • Compromised Assessment

Air Interface Assessment

• GSM Air Interface

This assessment consists of scanning the air interface of GSM and assess it for different vulnerabilities that exist in the network.

In a GSM network, an attacker can perform distinct attacks such as

  • Impersonating
  • Redirecting calls of victim
  • Premium SMS fraud
  • Remote SIM Toolkit installation
  • Fake IMEI usage

• LTE Air Interface

IoT Security Assessment

IoT Security Assessment is a combination of security tests done with the wireless network, data, mobile application, and cloud security.

We conduct the Internet of Things (IoT) security testing by reviewing the entire product ecosystem from chip to code. Our robust security evaluations minimize cyber risks in connected devices.


Our Services include:
  • IoT Device Application Security Testing.
  • IoT Device Firmware Security Assessment.
  • Wireless Protocol Security Assessments.
  • IoT Cloud Web Security Testing.
  • IoT Device Network Services Security Testing.

Application Testing

It helps to enhance the quality of your applications while reducing costs.

Our process of Application Testing involves four stages:

  • Design test plans based on application requirements
  • Develop manual test cases and automated test scripts
  • Execute functional tests to validate application requirements
  • Execute load tests and tune application performance.

There are three ways in which we perform testing:
  • Black Box Testing
  • White Box Testing
  • Grey Box Testing

Hardware Testing

The goal of this testing is to identify vulnerabilities, documenting the risk posed by those vulnerabilities, and to provide recommendations to close the same.

Our process of Hardware Testing involves:

  • Identification of hardware and network interfaces on devices and applications.
  • Analysis of secure boot and authentication mechanisms.
  • Attempts to exploit available interfaces on the device.
  • Automated analysis of the device firmware to discover if vulnerable components are included with the device.
  • Manual review of the device firmware to uncover hardcoded credentials, command injection, and hidden commands on the system.
  • Manual penetration testing, focusing on best practices, performed from multiple user roles on each of the applications.
  • Determination and documentation of practical recommendations for remediation and remediation effort level for each finding.
  • Quality assurance review of the draft report.
  • Delivery of final report

Ready To See A Demo?