Techniques for security management in communication systems are provided. For example, a method includes receiving, from user equipment, a request indicating one or more security capabilities of the user equipment. The method also includes determining whether the indicated one or more security capabilities meet one or more designated criteria of a communication network, and rejecting the request by the user equipment responsive to determining that the indicated one or more security capabilities do not meet the one or more designated criteria of the communication network. For example, the request is rejected when it is determined that the user equipment does not support any encryption and/or integrity algorithms, or fails to support mandatory encryption and/or integrity algorithms. This serves to prevent malicious user equipment from gaining access to the communication network.