Whsipder
zero trust for telecom

Quick Start

Deploy Whsipder in front of your PBX in under five minutes. No trunk reconfiguration, no carrier coordination, no downtime.

What is Whsipder?

Whsipder is an adaptive call threat mitigation platform that sits transparently between your carrier trunks and your PBX. It intercepts every SIP INVITE at the network edge, runs a 25-layer scoring engine against the call in real time, and either passes clean calls through or challenges suspicious ones with an audio CAPTCHA. For calls that pass through, Whsipder's cloud GPU pipeline performs live audio analysis including speech-to-text, deepfake detection, and voice fingerprinting.

Architecture Overview


  Carrier Trunks         Whsipder Edge            Your PBX
  ─────────────         ──────────────           ─────────
                   ┌─────────────────────┐
  SIP INVITE ────> │  Drachtio  (:5060)  │ ────> PBX (:5080)
                   │  RTPEngine (media)   │
                   │  Scoring Engine      │
                   │  Redis (state)       │
                   └────────┬────────────┘
                            │
                            v
                   ┌─────────────────────┐
                   ┌─────────────────────┐
                   │  Whsipder Cloud      │
                   │  GPU Audio Analysis  │
                   │  Central API         │
                   │  Dashboard           │
                   └─────────────────────┘

Carriers continue sending traffic to the same IP. The edge node binds to port 5060 and proxies calls to your PBX on port 5080. Your PBX sees calls arriving from localhost with all original SIP headers intact.

Prerequisites

  • A Whsipder tenant account (sign up at admin.whsipder.io)
  • A Linux server running your PBX (Ubuntu 22.04+ or Debian 12+)
  • Root / sudo access on the PBX server
  • Port 5060/UDP open for inbound SIP from your carriers
  • Outbound HTTPS access for API sync (port 443)

Setup Steps

1

Create a tenant and get your bootstrap key

Log in to admin.whsipder.io, navigate to Settings > Edge Nodes, and click Add Edge Node. Copy the bootstrap key shown in the modal. This key authenticates the edge during initial registration and is single-use.

2

Install the edge on your PBX server

SSH into your PBX server and run the one-liner. The installer auto-detects your PBX type (Asterisk, FreePBX, FreeSwitch, Kamailio) and reconfigures it to listen on port 5080.

bash
curl -sSL https://get.whsipder.com/edge | bash -s -- \
  --bootstrap-key YOUR_KEY \
  --public-ip YOUR_IP

Replace YOUR_KEY with the bootstrap key from step 1 and YOUR_IP with the public IP address that your carriers send SIP traffic to.

3

Verify the call flow

Place a test call from your carrier or a SIP phone. In the dashboard, navigate to Live Feed and confirm the call appears with a green score. On the PBX server, check that the call arrived on port 5080 with the original caller ID intact.

4

Monitor in the dashboard

The dashboard at admin.whsipder.io shows real-time call scoring, threat breakdowns, historical analytics, and compliance status. Configure alert thresholds under Settings > Alerts to receive notifications for high-risk calls.

What's Next

Edge Deployment →
Full installation guide with manual setup, configuration reference, and troubleshooting.
PBX Integration Guides →
Platform-specific instructions for Asterisk, FreePBX, FreeSwitch, and Kamailio.