[VoiceOps] Network Security Audit

[Ryan Delgrosso]

Dan,
I think you are functionally looking for two different companies.

I have used Accuvant to do general network security audits as well as 
focused vulnerability assessments in the past and have been very happy 
with them. Their level of understanding about the internet threat space 
is very comprehensive and their work is thorough, but companies versed 
in doing vulnerability assessments against the normal sorts of threats 
will not be accustomed to the types of threats an ITSP faces.

On the voip side the market is much more slim since very few understand 
the implications of carrier scale voip on a network, or the regulatory 
requirements that come with this space etc. My personal recommendation 
on the voip side would be for ECG, Mark Lindsey over there has a firm 
grasp of many of the security problems facing a telecom provider these 
days.

I've spent far too much time in recent months dealing with these sorts 
of topics, so please feel free to ask if you have other questions.

-Ryan


On 03/05/2013 08:54 AM, Dan White wrote:
> I have been asked by management to find options to bring in an external
> auditing company to evaluate our network and provide appropriate
> recommendations.
>
> We are a small telecommunications company looking for firms with 
> experience
> in Voice (VoIP) security audits, as well as general security experience
> appropriate for a Broadband ISP, with an internal corporate network.
>
> We're located in the southern US (Oklahoma).
>
> Public and private recommendations are welcomed.
>
> Thank You,