THREATS TO PACKET CORE SECURITY OF 4G NETWORK

Similar documents
Express Monitoring 2019

Taking Over Telecom Networks

CONTENTS. Subscriber denial of service...9 Causes of vulnerabilities Recommendations for protection Conclusion... 13

DAY 2. HSPA Systems Architecture and Protocols

Positive Technologies Telecom Attack Discovery DATA SHEET

Configuring Security on the GGSN

Vulnerabilities in online banking applications

GPRS security. Helsinki University of Technology S Security of Communication Protocols

Contents VULNERABILITIES OF MOBILE INTERNET (GPRS), 2014

UMTS System Architecture and Protocol Architecture

Cyber Security Threats to Telecom Networks. Rosalia D Alessandro Hardik Mehta Loay Abdelrazek

Overview of GPRS and UMTS

Quality of Service, Policy and Charging

IT Certification Exams Provider! Weofferfreeupdateserviceforoneyear! h ps://

VULNERABILITIES IN 2017 CODE ANALYSIS WEB APPLICATION AUTOMATED

E. The enodeb performs the compression and encryption of the user data stream.

Exam Questions 4A0-M02

Simulation of LTE Signaling

07/08/2016. Sami TABBANE. I. Introduction II. Evolved Packet Core III. Core network Dimensioning IV. Summary

MSF Architecture for 3GPP Evolved Packet System (EPS) Access MSF-LTE-ARCH-EPS-002.FINAL

Achieving End-to-End Security in the Internet of Things (IoT)

Configuring GPRS Tunneling Protocol Support

High-Touch Delivery Learning Services

UMTS Addresses and Identities Mobility and Session Management

GLOBAL SYSTEM FOR MOBILE COMMUNICATION (2) ETI2511 Friday, 31 March 2017

SGSN in a 2.5G GPRS Network, page 1

Impact of the LTE Migration for MVNOs

Mobile Security Fall 2013

Temporary Document Page 2 - switches off, the allocated resources and PCC rules information of PDN GWs used by the UE in non- network will not be dele

PCC (Policy and Charging Control) In Mobile Data. EFORT

Agenda. Introduction Roaming Scenarios. Other considerations. Data SMS Voice IMS

Kaspersky Enterprise Cybersecurity. Kaspersky Security Assessment Services. #truecybersecurity

Ingate SIParator /Firewall SIP Security for the Enterprise

Five Nightmares for a Telecom

SOLUTION BRIEF. Enabling and Securing Digital Business in API Economy. Protect APIs Serving Business Critical Applications

A Flow Label Based QoS Scheme for End-to-End Mobile Services

GPRS billing: getting ready for UMTS

New and Current Approaches for Secure VoIP Service

Delivery of Voice and Text Messages over LTE 13 年 5 月 27 日星期 一

Wireless LAN Security (RM12/2002)

Spirent Landslide VoLTE

Nexus8610 Traffic Simulation System. Intersystem Handover Simulation. White Paper

Orange Smart Cities. Smart Metering and Smart Grid : how can a telecom operator contribute? November

How Voice Service Threatens Cellular- Connected IoT Devices in the Operational 4G LTE Networks

The Evolution of Diameter Signaling

Long Term Evolution - Evolved Packet Core S1 Interface Conformance Test Plan

3G TS V3.1.0 ( )

On the Radar: Positive Technologies protects against SS7 network vulnerabilities

Overview of GPRS and UMTS

GSM security country report: Thailand

Mavenir Keynote. Think Smarter Secure communication Innovate Services. By Mohamed Issa Regional Head of Africa Sales

GSM security country report: Estonia

System Architecture Evolution

SECURITY TRENDS & VULNERABILITIES REVIEW FINANCIAL SYSTEMS

Voice over Long Term Evolution Migration Strategies

Subscriber Data Correlation

Multi-Layered Security Framework for Metro-Scale Wi-Fi Networks

The Common Controls Framework BY ADOBE

Trojans in SS7 - how they bypass all security measures

AAA Authentication: New Use Cases

Wayward Wi-Fi. How Rogue Hotspots Can Hijack Your Data and Put Your Mobile Devices at Risk

T325 Summary T305 T325 B BLOCK 2 4 PART III T325. Session 1 Block III Part 2 Section 2 - Continous Network Architecture. Dr. Saatchi, Seyed Mohsen

PRIMARY SECURITY THREATS FOR SS7 CELLULAR NETWORKS

When the Lights go out. Hacking Cisco EnergyWise. Version: 1.0. Date: 7/1/14. Classification: Ayhan Koca, Matthias Luft

TECHNICAL BRIEFING: MOBILE ACCESS TO THE INTERNET. Bornholm, October 2003

Mobile network security report: Ukraine

3GPP TS V9.4.0 ( )

3GPP TS V ( )

Multi-Layer Security Protection for Signaling Networks

EXAM - CAS-002. CompTIA Advanced Security Practitioner (CASP) Exam. Buy Full Product.

GTP-based S2b Interface Support on the P-GW and SAEGW

Talk 4: WLAN-GPRS Integration for Next-Generation Mobile Data Networks

CTS2134 Introduction to Networking. Module 08: Network Security

WEB APPLICATION VULNERABILITIES

COMPUTER NETWORK SECURITY

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder.

IPv6 migration strategies for mobile networks

vepc-based Wireless Broadband Access

OUR PRODUCTS. PT Application Firewall. PT Application Inspector. MaxPatrol

A Method for Real-Time Session Management on a Mobile Network

ETSI TS V8.3.0 ( ) Technical Specification

The Evolution and Future of Mobile Communication Systems. Written by David G Ainscough Copyright 2001 D.G.Ainscough

5G NSA for MME. Feature Summary and Revision History

Pioneer Communications Internet Services Disclosure

Internet of Things (IoT) Attacks. The Internet of Things (IoT) is based off a larger concept; the Internet of Things came

Basic SAE Management Technology for Realizing All-IP Network

1. Do the Create PDP or Update PDP requests from the SGSN arrive at the GGSN?

CDG Technology Forum Inter-Technology Networking

Vendor: Cisco. Exam Code: Exam Name: Implementing Cisco Service Provider Mobility UMTS Networks (SPUMTS) Version: Demo

GGSN Pooling Support for Firewalls

PROACTIVE APPROACH. INTELLIGENT CYBERSECURITY. ptsecurity.com

3GPP TS V ( )

WHITE PAPER. Session Border Controllers: Helping keep enterprise networks safe TABLE OF CONTENTS. Starting Points

A MODEL FOR INTERCONNECTION IN IP-BASED NETWORKS

Telecoms: Generational Evolution of Attack Surfaces. HITB Beijing 2018

CYBER ATTACKS EXPLAINED: WIRELESS ATTACKS

HOLISTIC COMMUNICATIONS SECURITY

6 KEY SECURITY REQUIREMENTS

HSS Resiliency Surviving attach storms in the networks of today and tomorrow

Enabling FMC: Airvana Universal Access Gateway

Transcription:

07

CONTENTS Terms and abbreviations... : main components and protocols...4 Attack scenarios...5 What is necessary for a successful attack...5 Threats to EPC security...7. Fraud...7. Connection hijacking...8. DoS attacks on subscribers...9 4. DoS attacks on the operator s equipment...0 5. Control packets inside a user tunnel: GTP-in-GTP... Conclusion...

TERMS AND ABBREVIATIONS GPP The rd Generation Partnership Project AUC Authentication Center CDR Charging Data Record CGF Charging Gateway Function Diameter Аn authentication, authorization, and accounting protocol for computer networks DPI Deep Packet Inspection EIR Identification Register Evolved Node B is the element in air interface of GPP LTE GRX GPRS Roaming Exchange GTP-C GTP control protocol is the control section of the GTP standard GTP-U GTP user data tunneling is in effect a relatively simple IP-based tunneling protocol which permits many tunnels between each set of endpoints HLR Home Location Register HSS Home Subscriber Server IMS IP Multimedia Core Network Subsystem IMSI International Mobile Subscriber Identity LTE Long Term Evolution Mobility Management Entity OCS Online Charging System OFCS Offline Charging System MSISDN Mobile Station ISDN Number PCEF Policy and Charging Enforcement Function PCRF Policy and Charging Rules Function Packet Data Network Gateway SAP S Application Protocol SCTP Stream Control Transmission Protocol Serving Gateway SS7 Signaling System No. 7 TEID Tunnel Endpoint Identifier TMSI Temporary Mobile Subscriber Identity UDP Datagram Protocol UE VLR Visitor Location Register

Broad adoption of 4G mobile networks has simplified access to high-speed Internet for billions of users. However, more than smartphones, tablets, and computers are connecting to 4G en masse. The high speeds and minimum latency of LTE networks allow using them for building out the infrastructure of the Internet of Things. Analysts estimate that by 0, the number of IoT devices connected to mobile networks will increase from 400 million to.5 billion. Thus the security of Smart City systems, self-driving connected cars, and other IoT technologies will partially depend on the security of today s (4G) and tomorrow s (5G and LTE-M) mobile networks. In 06, Positive Technologies experts analyzed the security of 4G signaling networks. On all the tested networks, the experts found vulnerabilities caused by fundamental deficiencies in the. The issues detected allow disconnecting one or more subscribers, intercepting Internet traffic and text messages, causing operator equipment malfunction, and carrying out other illegitimate actions. To exploit vulnerabilities in 4G networks, an attacker does not need hard-to-obtain tools or considerable skill. This report details possible attack scenarios and lists the measures necessary to improve security. EVOLVED PACKET CORE: MAIN COMPONENTS AND PROTOCOLS For 4G networks, the GGP consortium developed a new architecture for the network core the System Architecture Evolution (SAE) which is designed around the (EPC). Compared to previous-generation networks, the structure of the EPC is simpler (Figure ), with increased bandwidth and reduced signal delays in the transmission of user data and service information. One important component in prior generations, the circuit-switched network, has disappeared entirely. Instead, 4G networks are built as an All IP Network, in which data and voice calls are transmitted in a packet environment. However, not all operators have implemented the necessary technologies (for example, IMS for VoIP) for voice transmission via 4G. In such cases, when a call is made, the subscriber s connection is downgraded to G/G and may be subject to the vulnerabilities that we have described on numerous occasions in our previous research. External Networks Internet, VPN, IMS GTP-U GTP-U UDP OCS/OFCS Diameter SCTP Diameter SCTP (PCEF) GTP-C UDP GTP-C Unspecified XML/SOAP Diameter SCTP SAP SCTP plane (payload) PCRF HSS Figure. (EPC) structure Ericsson Mobility Report 06: www.ericsson.com/assets/local/mobility-report/documents/06/ericsson-mobility-report-november-06.pdf Primary security threats for SS7 cellular networks (06): www.ptsecurity.com/upload/corporate/ww-en/analytics/ss7-vulnerabilities-06-eng.pdf 4

The following elements are the main components of the packet core: Home Subscriber Server (HSS) is a large database for storing information about subscribers. In effect, the HSS replaces the VLR, HLR, AUC, and EIR databases used in G/G networks. Serving Gateway () handles transmission and processing of user data between user equipment (UE) and the base station subsystem of the operator s LTE network (). Packet Data Network Gateway () manages data streams transmitted to external packet networks, and in essence acts as the entry and exit point for user traffic on the operator s network. When combined with the PCEF (a network element responsible for applying charging rules), it ensures the correct operation of billing systems and the application of charging rules. Mobility Management Entity () enables switching between base stations and roaming. In addition, the is responsible for authenticating user equipment (UE) by interacting with the HSS, as well as for selecting the. Each EPC node can, in addition to checking and filtering network packets by their content (DPI), implement lawful interception functions used by law enforcement agencies. For interaction, EPC nodes use the GPRS Tunneling Protocol (GTP), S Application Protocol (SAP), Diameter, and other protocols. The main threats to the Diameter protocol are detailed in our previous report. The attacks analyzed in this report are aimed at nodes that interact via the GTP protocol. ATTACK SCENARIOS Of particular interest to attackers are special interfaces for exchanging information between EPC components. These interfaces are rich with signaling traffic, which consists of both service and user information. None of these interfaces have built-in data encryption mechanisms, due to which attackers can conduct the following attacks: + Interception of user MSISDN and IMSI + Subscriber location discovery + Man-in-the-middle attacks for unencrypted traffic (interception of access to unencrypted mail, browsing history, etc.) + Interception of text messages + Eavesdropping on VoLTE calls via packet interception + Identity spoofing for fraudulent purposes + Denial-of-service attacks on subscribers causing loss of user data during transmission, and call interruptions on VoLTE networks + Denial-of-service attacks on equipment causing network disruptions The majority of possible attack scenarios are possible because of how roaming is implemented and deficiencies in inter-operator interaction via the GRX network (GPRS Roaming Exchange). Signal and user traffic crosses the network boundary of one operator and is transmitted both over the GRX transit packet network and over the guest operator network. To ensure user authentication and the application of charging rules, the participants of inter-operator exchange interact via open interfaces. An attacker can take advantage of these interfaces to attack subscribers or the operator s equipment. 4 WHAT IS NECESSARY FOR A SUCCESSFUL ATTACK Such attacks via the GRX global roaming exchange network can be conducted by employees of almost any mobile operator as well as by external attackers who have access to the operator s infrastructure. An external attacker could gain such access by taking advantage of dictionary passwords or the simplest vulnerabilities on the network perimeter. Before LTE, voice call interception required that the attacker have special equipment and indepth knowledge of the specific protocols used for voice calls. But since 4G networks are built on the principle of All IP Network, the attacker can use all currently available hacking tools, which are largely automated and do not require a deep understanding of the nature of the attack. It is enough for an attacker to have a laptop, public-domain software for penetration Next-generation networks, next-level cybersecurity problems: www.ptsecurity.com/upload/iblock/a8e/diameter_research.pdf 4 www.ptsecurity.com/upload/corporate/ww-en/analytics/gprs-vulnerabilities-eng.pdf 5

testing, and basic programming skills. Real operator GGSNs are often available on the Internet with real APNs and subscribers, which reduces the time to prepare the simplest attack a DoS attack on a subscriber to just several hours, including preparation of the necessary tools. The data needed to start an attack depends on the protocols involved and the required message parameters. Initially, the attacker needs to have the Temporary Mobile Subscriber Identity (TMSI), International Mobile Subscriber Identity (IMSI), and Tunnel Endpoint Identifier (TEID). The attacker can obtain the correct TEID by bruteforcing, that is, sending GTP-U messages with arbitrary TEID values to the. If the TEID is incorrect, the responds with a GTP-C "Error Indication" message; if no error message is received, the TEID is correct (Figure ). Although a full search can take several hours, the range of TEID values can be predicted for most devices, which allows reducing this time to several minutes. plane (payload) GTP-U TEID+Data (massive) TEID TEID TEID GTP-C Error Indication Figure. Bruteforcing the Tunnel Endpoint Identifier (TEID) To successfully conduct some of the described attacks, the attacker needs to specify the victim s TMSI in the generated requests. The TMSI can be obtained by bruteforcing, passive radio scanning with the help of a fake base station (FakeBTS) or an IMSI catcher. Identification Request plane (payload) TEID+TMSI IMSI Identification Response Figure. Determining the subscriber s IMSI 6

With the TEID and TMSI, an attacker can then determine the subscriber s IMSI (Figure ). For this, the attacker needs to send a GTP-C "Identification requests" message to the. If the request succeeds, an "Identification Response" message containing the IMSI of the victim subscriber is received in response. The IMSI is the basic ID used for attacking SS7 and Diameter. In addition, this attack allows bypassing the radio interface protection that masks real IMSIs by replacing them with TMSIs, and tracking subscriber location by passive radio scanning. THREATS TO EPC SECURITY The EPC is the basis of 4G networks, but it contains protocols and mechanisms for backward compatibility with previous-generation networks (G/G). For example, the and must support the older GTPv protocol for normal switching from 4G to G/G when LTE becomes unavailable. In some cases, even if a device can handle GTPv packets, equipment manufacturers may overlook GTPv packet validation: work on obsolete technologies usually stops when new ones appear, and it is often impossible to simply disable support for the old protocol. As a result, the attacker can conduct attacks on subscribers and the operator s equipment via the GTPv protocol, which is easier and faster. For example, to intercept a subscriber s Internet session, the parameters of the GTPv "Context Request" message must contain the reason for sending this message (location update), switching parameters, encryption types supported by the mobile device, etc. By contrast, its GTPv equivalent, the "SGSN Context Request" message, must contain only the TMSI. The attack scenarios detailed in this report involve GTPv messages.. Fraud Insufficient protection of EPC components allows the attacker to gain access to the operator s services and resources bypassing the charging system or at the expense of other subscribers. As a result, the operator may suffer direct financial losses, while subscribers may receive huge bills for services that they did not actually use. Such situations may occur if IP addresses of devices that send requests to operator s equipment are not verified. plane (payload) Lost Connection Create Session Request IMSI IMSI Create Session Response As Internet Figure 4. Using services at the expense of the operator or another subscriber by sending a GTP-C request An attacker can spoof another subscriber s identity to gain unauthorized Internet access by sending a specially generated GTP-C "Create Session Request" service message to the (Figure 4). If the request contains an IMSI belonging to an actual subscriber, the charging system will charge this subscriber for all traffic used by the attacker. Otherwise, when the IMSI is not assigned to an actual subscriber, data transmission costs will be incurred by the operator (Figure 4). 7

plane (payload) Free Internet GTP-prime Redirection Request Spoofed IP GTP-prime Redirection Response CDR CDR CDR CDR CDR CDR CGF Figure 5. Using the CGF buffer to bypass the CGF Another variant of this attack (Figure 5) uses the CGF (Charging Gateway Function) failover mechanism. This component is responsible for receiving and verifying detailed data on the service provided CDR (Charging Data Record) in the billing system. When the CGF buffer is overflowed or overloaded, data on the service provided can be rejected by a "Redirection Request" message that contains the IP address of a backup gateway. By exploiting this fact, attackers can send such requests to the indicating their IP addresses as free CGF addresses, which allows bypassing the CGF. The described attack scenarios can potentially give attackers unauthorized unlimited access to resources, for example to services that are not included in the attackers rate plan, which will inflict direct financial losses on the mobile operator.. Connection hijacking This type of attack threatens to leak sensitive subscriber data and compromise important resources. The attacker can continue spoofing the subscriber s identity, and when the connection is handed over to the subscriber, the subscriber will be denied further service. plane (payload) Lost Connection Modify Bearer Request Modify Bearer Response As Internet Figure 6. Hijacking the Internet connection by sending a "Modify Bearer Request" message 8

Context Request plane (payload) Context Response As Lost Connection Internet Figure 7. Hijacking the Internet connection by sending a "Context Request" message The same attack can be conducted on the by using a specially generated GTP-C "Context Request" message in which the TEID and TMSI of the subscriber being attacked are specified among other parameters (Figure 7). The described scenario, which is made possible due to a vulnerability in the GTP protocol and failure to verify the sender s IP addresses, allows the attacker to access the Internet as a subscriber. This method can be used for bypassing lawful interception systems, for example by fugitives hiding from law enforcement agencies.. DoS attacks on subscribers In the EPC, several scenarios for conducting a denial-of-service attack blocking the subscriber s Internet connection are possible. If the connection is lost once, the user can restart the smartphone to restore it. But if the attacker is conducting such an attack continuously, the subscriber will be blocked completely. By bruteforcing TEIDs, the attacker can disconnect multiple users at once. Such actions significantly affect the overall quality of services provided and subscribers loyalty to the operator. Delete Bearer Request plane (payload) TEID Delete Bearer Response Lost Connection as (IP Spoofing) Figure 8. DoS attack on a subscriber via a "Delete Bearer Request" message 9

This attack (Figure 8) is successful if the sender s address is not verified on the operator s equipment when the attacker sends a GTP-C "Delete Bearer Request" message, posing as the, to the containing the subscriber s TEID; the sender s IP address is replaced with the IP address of the. After this, the subscriber s device is disconnected until it is reconnected to the network or restarted. plane (payload) Lost Connection Delete Session Request TEID Delete Session Response Figure 9. DoS attack on a subscriber via a "Delete Session Request" message The attacker can also disconnect the subscriber from the Internet by obtaining the TEID of the subscriber s current session and sending a GTP-C "Delete Session Request" message to the (Figure 9). 4. DoS attacks on the operator s equipment Manufacturers of telecommunications equipment do not always scrutinize the "worst-case scenarios" of how interfaces and protocols may be abused, preferring to assume that all network elements will comply with standards. Our experience shows that several specially crafted incorrect packets can cause elements of the operator s signaling network to malfunction (Figure 0). Messages (malformed packets) Lost Connection Errors Rebooting plane (payload) s Mass Disconnection Messages (malformed packets) Lost Connection Errors Rebooting Figure 0. DoS attack on an operator via incorrect packets 0

Such vulnerabilities must be promptly eliminated in accordance with the recommendations detailed in the Conclusion section of this report. errors during message processing can lead to network disruptions, degradation of quality, or denial of service for multiple subscribers. 5. Control packets inside a user tunnel: GTP-in-GTP Another major security problem is caused by GTP-U tunnels, containing user data, that terminate at the. Only their payload is transmitted to external networks. If an authorized mobile Internet user encapsulates a service packet (GTP-C) as payload in а GTP-U packet, the may treat this as a control signal packet, instead of sending them along together down the network. Thus, if GTP-in-GTP attacks are not blocked on the network, all attacks described in this report are possible not only from inside the network but also from a subscriber LTE modem or mobile phone (Figure ). plane (payload) TEID = Lost Connection Delete Session OK Internet TEID = As GTP-U Message: Delete Session Request TEID = Figure. Attacks possible not only from inside a network but also from a mobile phone For example, a DoS attack on a specific user can be conducted by sending GTP-C "Delete Session Request" subscriber disconnection service messages to the, posing as another user via GTP-U. CONCLUSION This report demonstrates the main security threats related to the centerpiece of 4G (LTE) networks, the EPС. With interfaces available to attackers from external networks and manufacturers of telecommunications equipment paying little attention to security, mobile operators are poorly prepared for attacks. The simplified packet core structure and the transition to the All IP Network model enable potential attackers to use a wide range of already-existing tools to conduct attacks such as identity spoofing for fraudulent purposes, interception of text and email messages, eavesdropping on VoLTE calls, and blocking connections. Some of these threats are caused by deficiencies in operator s equipment configuration, for example failure to verify the sender s IP address and device port. Attackers can therefore spoof the sender s address or create, intercept, and terminate sessions as another subscriber. Other problems arise from the lack of encryption on device interfaces, which enables attackers to exploit the operator s service information. It is necessary to keep in mind that lax or absent protection mechanisms are a deliberate choice made by industry, who shortchanged security in favor of reducing network delays and increasing data processing speeds. In today s competitive telecom market, mobile operators are forced to immediately absorb new technologies with minimal consideration of subscribers security. Attempts to add protection mechanisms, such as the Security Gateway, can only add to delays.

However, with the rise of the Internet of Things (IoT) and the Industrial Internet of Things (IIoT), the security of 4G networks will rise higher on the agenda in coming years than ever before. For example, as estimated by the Global Agenda Council for the Future of Software and Society and announced during the World Economic Forum, by 06 0 percent of all cars in the world will be self-driving. 5 By this time, the first smart city is expected to appear, with automated management of energy, logistics, and traffic, and AI will be involved in making business decisions at the board level. Exploitation of poorly protected communication channels and malicious disruptions in the operation of such systems can lead to serious consequences for city infrastructure, disasters at industrial facilities, and transport disruptions. That is why the first mobile operators to build a secure ecosystem to connect IoT infrastructure will gain a strong competitive advantage. Mobile operators must ensure protection of communications and equipment from unauthorized access, and regularly assess the security of their infrastructure, especially in and around interconnects with other operators (GRX, in the case of the EPC). To develop adequate measures, operators should start by assessing the security of the packet core and signaling network equipment. It is necessary to analyze the potential attack vectors available to attackers and assess the risks associated with them. Based on this testing, recommendations can include measures at both the level of equipment (to prevent physical access to hardware and communications) and software (logical security measures to protect data from unauthorized access, for example using IPSec). Any changes to the quantity or quality of equipment affect network configuration, and therefore can degrade network security. Keeping security settings up to date requires special tools for monitoring, analyzing, and filtering messages that cross network boundaries. Implementation of these measures is a network-by-network task. Responsibility for the completeness and promptness of security measures lies entirely with individual mobile operators and the contractors maintaining networks on their behalf. 5 www.weforum.org/docs/wef_gac5_technological_tipping_points_report_05.pdf About Positive Technologies Positive Technologies is a leading global provider of enterprise security solutions for vulnerability and compliance management, incident and threat analysis, and application protection. Commitment to clients and research has earned Positive Technologies a reputation as one of the foremost authorities on Industrial Control System, Banking, Telecom, Web Application, and ERP security, supported by recognition from the analyst community. Learn more about Positive Technologies at ptsecurity.com. 07 Positive Technologies. Positive Technologies and the Positive Technologies logo are trademarks or registered trademarks of Positive Technologies. All other trademarks mentioned herein are the property of their respective owners. info@ptsecurity.com ptsecurity.com EPC_A4.ENG.0004.05

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback