SecurityGen ACE improves security posture for the mobile operators
SecurityGen launched a new ACE (Artificial Cybersecurity Expert) breach and attack simulation platform.
ACE provides an automated approach to assess and improve the security posture of mobile operators by continuously testing the strength of their network defences against simulated attacks and techniques.
ACE works by identifying and reporting potential gaps and vulnerabilities within the operator’s network. It then carries out simulations of real-world attacks on these vulnerabilities to assess their seriousness and the potential damage that an actual attack could cause.
Finally, ACE generates a detailed security posture report that includes remediation guidance to help the operator address the vulnerabilities and prevent future security breaches before they happen.
Commenting on the launch, SecurityGen co-founder and CEO Amit Nath said, “Operators today are asking for fast, efficient and cost-effective inspections and assessments of the security of their networks. But current manual assessment techniques are expensive, resource-intensive and need specialist expertise. Operators are unable to conduct them as regularly and frequently as they should do.
“As a result, mobile networks are left extremely vulnerable to security threats, which if not detected, can cause widespread damage and disruption – everything from network outages and denial of service attacks targeting groups of subscribers or particular areas: to the theft of sensitive personal data for fraudulent purposes. The new ACE platform addresses this pressing operational need for operators.”
The ACE platform is the centrepiece of SecurityGen’s range of products and services. It draws on the vast knowledge and experience of SecurityGen’s core team who have between them conducted a combined total of more than 300 telecom network security assessments during their careers.
Importantly, its in-built AI module enables it to constantly learn and enhance its performance by incorporating actual, real-life scenarios and attack vectors that have been identified in the field.
The ACE platform is cloud based, which means operators don’t need to install it directly, or even reconfigure their network. ACE provides critical assessment of signalling network security and GSMA compliance tests. It covers everything from 5G networks to legacy platforms like HTTP/2, Diameter and SS7 signalling, and the GTP protocol.
ACE’s flexibility along with its ease of use enables different teams within the same operator to use the platform to test the network according to their particular requirements – including how frequently they need to carry out inspections. The core network team’s security needs will be different to those of the RAN team, which will in turn be different to the customer experience team and the fraud team.
“Every mobile network is different and unique, in terms of its infrastructure equipment, configuration, and multiple other variables,” explained SecurityGen co-founder and CTO Dmitry Kurbatov. “That’s why there is no one-off security solution or methodology that operators can deploy that will make their network completely safe forever.”
“Furthermore, new technologies like 5G, Virtualization, Cloud, Artificial Intelligence, Internet of Things, and disaggregation – together with ensuring seamless compatibility between 2G, 3G, and 4G/LTE networks – means mobile networks are far more complex and dynamic than ever before,” he continued.
“But as networks have become more complex and dynamic – including with the arrival of 5G – new and serious security challenges have emerged for operators. Current preventative security measures are not enough to properly protect networks and subscribers alike from malicious external attack,” Kurbatov continued.
“The ACE platform is a custom-built, operator-grade solution that changes the game entirely for telecoms security. Its continuous, automated inspection and constantly updated database of the latest threat scenarios helps identify gaps in operators’ network defences: its remediation guidance then helps close these gaps and strengthen operators’ security posture. ACE gives mobile operators the expert insight and advice they need to defend their networks and protect their subscribers on an ongoing basis.”