About us

About us


Enable Security provides offensive security tools and services, including Penetration Testing, to help clients create secure Real-time Communications (RTC) systems. Our clients are able to measure the robustness of their RTC security consistently and observe significant improvement in the robustness of their system.

Founded back in 2008 by Sandro Gauci, Enable Security has been providing high quality security testing and penetration testing services covering phone systems, web applications, network infrastructure, wireless and various other attack targets.

Enable Security GmbH was incorporated in December 2015, with its head-quarters based in Germany from where it operates as a distributed, remote company. The team at Enable Security takes a creative, manual approach, building their own security tools and taking the course of thinking like an attacker. This gives Enable Security the cutting edge in discovering and reporting vulnerabilities that conventional scanning tools or generic pentesting cannot find.

The team behind Enable Security has extensive industry experience and expertise in the field of IT security. It now focuses its efforts in the area that its team is most passionate about:

Real-Time Communications (RTC) security, including VoIP and WebRTC infrastructure.

Clients are based in the US and across Europe (including Malta), including:

  • Communications equipment vendors
  • Telephone companies / Telecomms
  • SaaS communications service providers
  • Service providers and VoIP providers

Sandro Gauci: CEO, Chief Mischief Officer

Sandro GauciSandro founded Enable Security in 2008 to offer quality penetration testing and security research to his clients. Prior to Enable Security, Sandro was a security researcher at GFI software, security analyst at CCBill and a freelance pentester. He grew up in Malta and has been hacking software and phone systems since he his teens.

He now leads the operations at Enable Security. Throughout the years, he has researched security vulnerabilities and worked on advisories for software and equipment from Microsoft and Cisco, among others. Sandro’s published works include topics on attacking VoIP (Voice over IP) systems, HTTP security, Web Application Firewalls and more recently, WebRTC infrastructure security. He is the author of well-known security tools like SIPVicious and wafw00f, which are used by other penetration testers and security auditors.

Alfred Farrugia: R&D, Chief Demolition Officer

Alfred FarrugiaAlfred is a senior security engineer with a particular interest in several programming languages (especially Java and Python, and more recently Go), automation and secure development.

Having worked in highly regulated environments (PCI, PA-DSS), his passion turned to understand and break applications by using fuzzing techniques (e.g. using American Fuzzy Lop, libfuzzer and internally developed fuzzing frameworks) and manual code analysis. He has worked with Enable Security in fuzzing various opensource and proprietary VoIP platforms some of which resulted in security advisories published by Enable Security.


Enable Security GmbH
Neuburger Stra├če 101 b
94036 Passau

Telefon: +49 15735985664
E-Mail: contact@enablesecurity.com
Register of Companies: Amtsgericht Berlin-Charlottenburg HRB 173016 B
Tax ID:  37 / 277 / 50040
VAT ID: DE 304514226

Managing director: Sandro Gauci
Get in touch