• Trustwave

    Managed Threat Detection

  • Trustwave Managed Threat Detection provides the level of visibility you need to detect advanced threats within your operations, using up-to-the-minute SpiderLabs threat intelligence and sophisticated threat hunting techniques. It includes support for a broad array of device types and SIEM implementations.

Overview

  • Improve Your Foresight

    Information sharing has been helping law enforcement and intelligence communities improve their capabilities for a long time. Trustwave Managed Threat Analysis Service brings the same concept to our SIEM Enterprise and SIEM Operations Edition customers, integrating automatically analyzed threat intelligence and reputation information into the SIEM. This enables forward warning and emerging threat detection within the SIEM, securely synchronized from the Trustwave Cloud.

Benefits

  • Trustwave’s Managed Threat Detection service provides advanced threat detection in an easily deployed offering supporting more than 500 discrete device types and log sources for comprehensive visibility throughout your environment. Additional benefits include:

    • 24x7x365 threat monitoring by highly skilled security analysts, including targeted threat hunting on an as-needed basis to validate potential threats or confirm spread across the network
      • Provides you with an actionable list of all affected host systems, along with best-practice advice and assistance with incident response and remediation activities
    • SpiderLabs-developed and SpiderLabs-maintained threat indicators and use cases focused on up-to-the-minute threat intelligence on both regional and global threats
    • Custom-developed use cases and threat monitoring, available as an option to customers who desire specific monitoring controls
    • Cloud, hybrid or custom deployment models supported, including a number of third-party SIEM systems and log aggregation products

How It Works

    • Sources of Intelligence

      Trustwave leverages the expertise of our SpiderLabs team for the latest, most up-to-the-minute threat intelligence available anywhere in the world. Additional sources of information we use include:

      • A large variety of openly available lists of threat information such as:

        1. Botnet Domains
        2. Botnet URLs
        3. Malware Domains
        4. Email Phishing
        5. Phishing Domains
        6. Phishing URLs
      • Information on correlated threats from Trustwave SIEM Enterprise and SIEM Operations Edition customers who opt into crowd-sourcing intelligence.
      • Information that may include true positives about compromised hosts and malware domains, derived from automated SpiderLabs research and behavioral analysis from deployed Trustwave security products such as our Secure Web Gateway.
      • Powerful correlations derived from best practices and specific configuration settings to meet customers' own local policies and requirements, within their SIEM product.
      • Environmental metadata specific to each customer's environment and assets, within their SIEM product.
    • Services

      Trustwave Managed Threat Detection Service is, after all, a service. We guide customers through provisioning, registration and secure information synchronization setup, as well as initial SIEM correlation setup with support for more than 500 device types. We then test the service with the customer's SIEM to ensure it is functioning and operational, and provide knowledge transfer on the service to security analysts and business owners.

      Setup of the service is typically completed within a day. Most customers choose to have services delivered on-site; however, services can also be delivered remotely.