The World's Most Advanced VoIP Security Solution Provider
Features
Uses the latest VoIP-specific vulnerability data
The industry’s most comprehensive database of VoIP-specific vulnerabilities and threats provides proprietary and public VoIP/UC vulnerabilities and remediation recommendations.
Wide range of IT frameworks & standards supported
Comprehensive set of pre-defined audits against generally accepted IT control frameworks and information security standards, provided out-of-the box to “quick-start” the scanning process. These include:
- COBIT 4.1 & 5.0
- PCI DSS 2.0 & 3.0
- ISO 27002:2005 & 27002:2013
- NIST SP800-53
All audit results are stored in the database for later use as required.
Comprehensive reporting
Executive level reports provide a summary view of the VoIP/UC network security assessment and trending from prior assessments.
Detailed technical reports deliver vulnerability descriptions and the potential impact on VoIP/UC devices if exploited.
Detailed remediation instructions and low level details produced by actual test cases.
Coverage reports offer detailed information about which test cases were executed, how many times and if a particular vulnerability was discovered on the target.
Analytical reporting for in-depth analysis of collected data and information in addition to pre-defined reports.
Trending reports.
Export reports to HTML.
System Administration and Management
Role-based user access controls allow delegation of responsibilities to reflect organizational structure.
“Group” concept enables administrators to control the scope of responsibilities based on target type and associated test cases.
Complete coverage
The only commercially available VoIP/UC vulnerability assessment tool supporting both standard (SIP, H.323, RTP) and proprietary (Skinny, UNISTIM) based VoIP/UC solutions.
Industry-leading research
Our vulnerability database is constantly updated by a world-class VoIP/UC security research team.
VoIPshield Laboratories, the research division of VoIPshield Systems, constantly evaluates network protocols against new and existing system releases to discover new vulnerabilities and add them to our database. Our processes result in a robust database able to identify the most current vulnerabilities.
Comprehensive Protection Life Cycle
VoIPaudit runs on a fully-secure operating system and is downloaded to a computer or laptop. It can be used to evaluate different points of the VoIP/UC deployment life cycle including:
- In the lab – to validate vendor claims and identify security flaws before VoIP/UC is deployed.
- During the pilot stage – to test all VoIP/UC system components prior to going live to avoid introducing threats resulting from interactions and dependency between VoIP/UC applications.
- In production – to periodically review or audit your VoIP/UC network for changes to the system and identify new vulnerabilities that may have been introduced through new vendor software releases, administrative/configuration activities or hardware upgrades.
Highly Mobile
For IT security consultants and auditors, VoIPaudit provides a highly mobile security assessment and penetration testing platform that can be easily moved from one client’s VoIP network to another.
All the collected data and reports can be exported from the system in a number of formats, including XML for inclusion in standard reporting systems.
Low cost of ownership
An intuitive, easy-to-use interface provides all the features needed to easily execute audits and review results.
With VoIPaudit, security and IT staff can reduce or eliminate error-ridden manual checks and perform efficient assessments of their VoIP infrastructure without the need for specialized training.
Benefits
A client-based VoIP/UC vulnerability assessment application, VoIPaudit runs on notebook computers, offering an easy-to-use Web interface combined with back-end functionality that identifies, tracks, reports and assists in the remediation of security vulnerabilities.
With VoIPaudit, security and IT staff can reduce or eliminate error-ridden manual checks and perform efficient assessments of their VoIP infrastructure without the need for specialized training. This straight-forward yet proactive approach means fewer headaches at audit time because confidence is high that the VoIP system will pass the compliance audit.
For the CIO / IT Administrator
For IT security consultants and auditors, VoIPaudit provides a highly mobile security assessment and penetration testing platform that can easily be moved from one client’s VoIP network to another. The auditor can now be confident that findings take into account the VoIP elements of the IT infrastructure - increasingly cited by industry analysts as the 'blindspot' within Enterprise IT security.
For the Audit Practitioner
The most comprehensive solution available for Voice over Internet Protocol (VoIP) Vulnerability Detection, Monitoring, Compliance Reporting and Security.
Designed by and built for IT Security, Compliance and Governance experts
Introducing VoIPaudit 4.2
™
Install on a connected PC, add your call manager IP addresses, run the endpoint audit, view the reports. Job done.
You now have the data you need to ensure your VoIP system is not the 'blindspot' in your IT security.
VoIPaudit™ currently supports Cisco® CallManager 8, 9 and 10 and Ayava Aura® Call Manager 6.1, 6.2 & 6.3.
VoIPshield™ and VoIPaudit™ are trademarks of VoIPshield Systems, Inc.
Cisco® is a registered trademark of Cisco Systems, Inc.
Avaya Aura® is a registered trademark of Avaya Inc.