VOIP Security Testing

Voice Over Internet Protocol (VOIP) Assessments are intended to identify risks and threats to the entire deployment. With the increasing adoption of VOIP systems this type of assessment is becoming critical to businesses and the security of their systems.

Within a typical VOIP deployment there are a number of components, any or all of which could provide a lucrative target for attack:

• The Server: which manages connections and, in some cases, provides switching capabilities to the telephony devices, the storage of voicemails and automated voice response systems.
• Softphones: which take the form of software running on a desktop, laptop or even a smart phone.
• VOIP phones: which take the physical form of a more “traditional” telephone but are akin to small PCs running software.
• The Network Protocol: there are many differing VOIP protocols and CODECs that provide session initiation and the streaming of voice data between telephones.

The RootShell Security team will assess each facet of the entire VOIP deployment to ascertain its vulnerability to a broad spectrum of security weaknesses