Category Security

SIP Certificates for Avaya Endpoints

As busy as I am these days, I have a hard time saying “no” when asked to write something for what I deem to be a worthy publication.  Case in point is the article on SIP Certificates that I wrote for IAUG Insights.  “Flip” to page 22 to find me. IAUG Insights  

How Vulnerable is Your SIP

“If you have built castles in the air, your work need not be lost; that is where they should be. Now put the foundations under them.” ― Henry David Thoreau I don’t like to think of myself as old, but there are times when I feel absolutely ancient.  This is especially true when it comes […]

Hacking as a Service Part Two: Help is Here

Two weeks ago, I introduced you to a new nemesis in Hacking as a Service Part One: The Evolution of the Bad Guy. The ways that people can do you harm has intensified and the tools they employ to carry out their dirty work are far more sophisticated than the ILOVEYOU worm that wreaked havoc […]

Hacking as a Service Part One: The Evolution of the Bad Guy

Despite the fact that I consider myself to be a peaceful and reasonably honest person, I adore movies about organized crime and extremely nasty people. Whether it’s Edward G. Robinson playing Rico in the 1931 classic, “Little Caesar,” or the more recent Hollywood offerings “American Gangster” and “The Departed,” there is something about bad guys […]

Mocana — Securing the App

I am not the kind of person who writes something simply to be controversial. While I have written a few articles for No Jitter that have caused some people to challenge my thoughts and opinions, I don’t write them with the sole purpose of raising a ruckus. I write them because I truly believe in […]

The VPN is Dead…

My job used to be a place I went to.  If my car broke down, I didn’t work.   If the roads were too icy to drive on, I didn’t work.  If I had to stay home waiting for a repair person, I didn’t work.  I suppose I could have sat down with a pad of […]

SIP Security at Converge2015

When you think about security in terms of SIP and VoIP, you need to consider four different areas.  First, you want to protect the SIP signaling.  Second, you need to protect the media stream.  Third, you need to ensure that people are who they say they are.  Lastly, you need to create a secure network […]

Pindrop Security

“What are you doing to make the world a better place?” I recently spoke with Andy Pittman at Pindrop Security and that was the first question I asked him. Over the years, I’ve heard plenty of dubious marketing fluff about a company’s products and services and I wanted something different. I wanted to know how […]

A Primer on Communications Security

You can’t apply security in just one place and be done with it. In my latest article for No Jitter, I explore the fundamentals of  keeping prying eyes and ears away from your enterprise communications.  In a world where hackers are everywhere and the damage they do can be enormous, this is not a subject […]

Understanding SIP Authentication

SIP as both a protocol and an architecture has a number of places where security can be applied. You can secure SIP signaling with Transport Layer Security (TLS). This encrypts the metadata of a call – e.g. who called who. You can secure the media of a session with SRTP – audio, video, etc. Session […]