SOURCE: Codenomicon

March 16, 2006 12:54 ET

Codenomicon First to Offer Full Solution for Testing VoIP Security

Available for Immediate Delivery

SAN JOSE, CA -- (MARKET WIRE) -- March 16, 2006 -- Codenomicon, a leading developer of security testing tools, announced today the availability of its comprehensive solution for testing all levels of Voice over IP (VoIP) systems. With the introduction of the Codenomicon family of VoIP tools, vendors and companies deploying solutions in the VoIP market gain a needed level of testing to help ensure secure and robust solutions.

Opening the traditionally closed communication networks introduces new threats to telephony, such as hackers and worms. The dependability of a VoIP network and all of its various systems and devices should be no less than that of the traditional PSTN. This sets new requirements for the security, reliability and robustness of telephony devices. Codenomicon VoIP test tools help vendors improve their products by getting rid of security problems such as buffer overflows and crashes even before the software is released. This leads to dramatic cost savings in development and maintenance, and improves the product image.

"Our security solution now reaches all aspects of VoIP, testing everything from network foundations to VoIP signaling, media, and remote management. Codenomicon's complete VoIP solution is available for immediate delivery," says Isaac Sundarajan, CEO of Codenomicon.

Last summer Mikko Varpiola, VP Eng, Codenomicon, held a presentation on VoIP security vulnerabilities in open source software at Black Hat Briefings, Las Vegas. Using the Codenomicon VoIP robustness tools, widely popular and tested open source VoIP components were found to have hidden, unfound implementation flaws. These are the same flaws that can be exploited to potentially damage and bring down networks. Upfront robustness testing allowed the open source developers to fix these problems. Codenomicon has previously helped other open source organizations such as Apache Foundation and OpenSSL fix critical flaws in their implementations.

Despite the threats VoIP is exposed to, Codenomicon's CTO and co-founder Ari Takanen has an optimistic outlook on the future of VoIP security: "VoIP has the potential of becoming widely deployed in critical infrastructure. An active community in VoIP security can prevent the quality and reliability of VoIP from descending into the "patch-and-penetrate race" that has afflicted other Internet technologies. The problem can be addressed by third-party testing solutions from companies such as Codenomicon, but this requires attention from software providers."

Since 2002, Codenomicon has been developing and issuing state-of-the-art software testing tools for improving the security of VoIP systems and devices.

Codenomicon will be demonstrating its VoIP testing solution at the Spring 2006 VON Conference & Expo in San Jose, March 14-17. You will find us at booth #544 in the San Jose Convention Center, San Jose, CA, US. Ari Takanen will be talking at a panel entitled "Myths and Facts on SIP Security" along with Henry Sinnreich (, Phil Zimmermann (author of PGP and ZRTP), and Cullen Jennings (Cisco Systems). The panel will take place on Thursday, March 16 at 3:45-4:45. Mr. Takanen will also be hosting a panel discussion on firewalls and VoIP on Friday, March 17 at 12:30-1:30.

About Codenomicon

Codenomicon Ltd. develops and markets state-of-the-art software testing tools for proactive elimination and prevention of security vulnerabilities. The company serves industry-leading international telecom and internet companies. Codenomicon test tools are available for a wide range of protocols and file formats, including SIP, H.323, RTP, MGCP, SigComp, TLS/SSL, IPv4, and IPv6. The company is based in Oulu, Finland, with a subsidiary n San Jose, California. Visit for more information.

Contact Information