About us, Communication Breakdown and RTC security

Communication Breakdown is a blog about Real-time Communications security, especially concerned with SIP, VoIP and WebRTC infrastructure, run by the affable penetration testers and security researchers at Enable Security.

Sandro Gauci leads operations and research at Enable Security. To the real-time communications community he is known as the original developer of SIPVicious OSS, the SIP security toolset. At Enable Security, he helps develop offensive security tools in the RTC space and provides penetration testing services.

Alfred Farrugia is the lead developer of SIPVicious PRO, does reverse engineering, fuzzing, DoS simulation and security research. Hence he is the proud owner of the title of Chief Demolition Officer at Enable Security.

And, from time to time, other contributors write on our blog too!

Connoisseurs may perhaps notice the similarity of this website to the SIPVicious blog. As a matter of fact, this was originally the SIPVicious blog but the name implied being limited to just writing about the SIPVicious security tools. Aficionados may also recognise the reference to a well-known rock song from the late 60s. This is not a mere mistake.

At Enable Security, we test the security of real-time communications systems and since we need a blog to write about these things, we decided to adapt the good ol’ SIPVicious blog to something a bit more appropriate. So, please join us as we break down communications security and reflect on how the security of real-time communications may be fractured.

Our ambitious desire with this website is to write about our (in)security research, vulnerability findings, interesting protocol curiosities as well as cover related news and provide commentary.