• Trustwave

    Digital Forensics & Incident Response

  • Speak with a Trustwave sales specialist to learn more.

    Looking for support? Use our global network of support specialists to get help. Get support now
  • A quick and efficient response to a cyber-attack can save an untold amount of time, money and staff hours. Determine the source, cause and extent of a security breach quickly with Trustwave DFIR Consulting services. Or work proactively with the renowned Trustwave SpiderLabs team to better understand your organizations’ cyber-threat preparedness and solidify your posture against advanced threats.

  • runner-on-black

    Experiencing a Security Breach?

    24hr Hotline
    +1 (866) 659-9097 Option 5


  • If your organization has a very low tolerance for security risk, then you need a highly mature security program. One that's built on a strong foundation that repels most attacks while also able to proactively search out and address the most complex threats that could penetrate your defenses.

    Finding skilled experts to perform advanced readiness and response services like proactive threat hunting is a massive challenge. Trustwave SpiderLabs DFIR consulting delivers them to you.

  • application screenshot

  • Approved PCI Forensic Investigator (PFI)

    Participant in the U.S. Secret Service's Electronic Crimes Task Forces (ECTF)

    Member of the International Association of Financial Crimes Investigators

    Member of the International Association of Chiefs of Police (IACP)


    • Our Experts Work for You

      Trustwave DFIR services are performed by our renowned security team, SpiderLabs.  SpiderLabs experts have extensive experience with the tools and techniques used by today's advanced attackers, allowing them to immediately respond to security breaches and proactively prepare you for future attacks.
    • 24x7 Global Response

       The SpiderLabs team consists of 150+ specialized security experts who work around the globe, enabling them to respond to breaches quickly and in an organized manner which is paramount in containing a breach, limiting exposure, stemming losses and preserving evidence.

    • Flexible Service Delivery

       Trustwave DFIR isn't a single service. Emergency response is available if you know or suspect you've been breached. And a variety of proactive incident response preparation services are available to help your organization in the most effective way possible.

    • Litigate with Confidence

      Trustwave SpiderLabs has expertise in digital evidence handling, which ensures the protection of chain-of-custody for the evidence of a digital crime
    • Demonstrate Due Diligence

      If your board and shareholders are like most, they're asking what you're doing to protect your organization from a cyberattack. Trustwave DFIR consulting can help you create a board-ready structured and comprehensive approach to incident management that addresses threat readiness before, during, and after incidents.
    • PCI Forensic Investigator-Ready

      Trustwave SpiderLabs is a certified PCI Forensic Investigator (PFI) and one of only two providers that has been authorized by the PCI Security Standards Council to conduct PCI Forensic Investigations globally.

How it works

  • Trustwave DFIR consulting is available to any organization, though it can add to Trustwave Device Management and Detection & Response services as you mature your security program.

     The Trustwave DFIR consulting itself is multi-faceted, with both reactive and proactive services available. Trustwave SpiderLabs experts can provide immediate response to an advanced threat breach or work with you to proactively improve your organization's IR readiness. The services your organization needs are up to you.

     Consulting is available as-needed or via a DFIR emergency response retainer. While we'll always strive to respond to your needs as quickly as possible, having DFIR consulting available to you via retainer offers the benefit of having our 24/7 team of global experts ready to respond to security incidents on a moment’s notice. And with minimal purchase levels, you'll have the ability to transfer unused emergency response retainer hours to other IR Readiness program services, so you never have to worry about wasting retainer hours.

     Services available include:

    Reactive Emergency Response Services

    DFIR Emergency Response Provides a team of expert IR consultants to immediately respond to security breaches 24x7x365
    PCI Forensic Investigations (PFI) Provides an independent forensic investigation of merchants, acquirers, service providers mandated by credit card brands

    Proactive IR Program Readiness Services

    Readiness and Detection Assessment Evaluates your ability to detect & respond to incidents and provides security gap analysis and action plans
    Incident Response Plan Development Develops and documents an appropriate and comprehensive incident response process
    Proactive Threat Hunting Searches for potential advanced threat risks in the absence of identified Indicators of Compromise (IOC)
    Dark Web Investigation Identifies unauthorized data exposed on the Internet, including both legitimate and underground servers
    Table Top Exercises Evaluates and improves your CSIRP without any significant disruption of operations
    Attack Simulation Evaluates your ability to respond to a real incident by orchestrating real-time attack scenarios
    Purple Teaming Exercises the capabilities and procedures of your IR and penetration testing security teams
    DFIR Training Established or custom courses delivered by seasoned SpiderLabs security professionals


  • Documents

  • Videos

    • video thumbnail


      A Risk Based Approach to Cybersecurity Maturity

    • video thumbnail


      Inside Trustwave SpiderLabs

  • Webinars

    • video thumbnail


      Threat Detection and Response Best Practices

    • video thumbnail


      Threat Hunting Demystified

    • video thumbnail


      Security Breach Do’s and Don’ts to Minimize Damage and Downtime

    • video thumbnail


      Operation Grand Mars: Defending Against Carbanak Cyber Attacks