Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
News Releases

Trustwave Presents at AppSec USA 2010, Launches New 360 Application Security Program

First-of-its-Kind Program to Help Organizations Defend Against Persistent Threats

CHICAGO (September 2, 2010) - Security experts from Trustwave, the leading provider of information security and compliance solutions, will present at AppSec 2010 in San Diego, September 8 and 9. The presentations will be delivered by members of SpiderLabs, the advanced security team at Trustwave responsible for application security, incident response, penetration testing, physical security and security research.

David Bryan will present "Cloud Computing, A Weapon of Mass Destruction?" which will review common attack types and how they can be used to disrupt service. He will also review the steps that lead organizations to choose the cloud computing environment, why these environments are good for most businesses, but why they may not meet your regulatory requirements. He will then review mitigation strategies and response programs that can reduce the operational risks when responding to these events.

During training, Charles Henderson and Matt Tesauro will teach a class that will cover the full range of tools that OWASP provides under free and open licenses. The class will include a DVD of the OWASP Web Testing Environment (WTE), a collection of tools and documentation for testing web applications available both as a Live CD and virtual machines. When the class is complete, students will be familiar with a wide range of tools and techniques to test web applications.

Trustwave also will unveil its 360 Application Security program at AppSec USA 2010. This program is the only vertically-integrated application security offering, combining the critically-acclaimed WebDefend Web Application Firewall (WAF) from Trustwave's acquisition of Breach Security, with the industry-leading security services of Trustwave's SpiderLabs.

A strong application security posture requires good offense and defense; Trustwave's 360 Application Security program combines Secure Code Training, Application Penetration Testing, Code Review and Trustwave WebDefend WAF with Virtual Patching into a holistic security program. The entire solution is delivered by the security experts at SpiderLabs, bridging the gap between expert manual testing and automated protection found within many organizations.

Prior to application development, Trustwave SpiderLabs will deliver Secure Code Training to ensure developers are creating programs based upon industry best practices. During the development and quality assurance cycle, SpiderLabs' manual code review inspects all relevant application source code to pinpoint deficiencies in security controls and identify development errors. Once development is complete, an application penetration test will simulate a coordinated attack, exposing security weaknesses by highlighting vulnerabilities that can lead to compromise of critical data.

The final component to the program is Trustwave WebDefend, an advanced WAF that offers customized, behavior-based security for each protected application. The SpiderLabs expert that conducted the application penetration test and code review will configure and tune the WAF to provide real time application protection. On a regular basis, the SpiderLabs team member will conduct security and application defect log analysis, and apply Virtual Patches to provide immediate protection to any discovered vulnerability. Virtual Patching protects vulnerable applications from attack, without having to wait for the next release cycle.

"It's exciting to see an organization that understands the complexities of application security create such a complete solution," says Corey Moscoe, chief information security officer for SEI. "Combining the knowledge and experience at SpiderLabs with the WebDefend and ModSecurity platforms sets Trustwave apart."

"Testing is critical, but as applications evolve new vulnerabilities emerge," says Robert J. McCullen, chairman and CEO of Trustwave. "WAF protection is ongoing, but IT organizations often lack the man power of application security knowledge to optimize it. The SpiderLabs penetration tester who understands the application's vulnerabilities is the one to tune the WAF for optimal protection."

"Poorly developed applications are a risk to any organization as critical information is accessed through the application layer," says Nicholas J. Percoco, senior vice president of SpiderLabs. "This holistic approach ensures that organizations are putting application security at the forefront to help remediate risks before they become vulnerabilities."

About Trustwave

Trustwave is a leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper® compliance management software and other proprietary security solutions including SIEM , WAF , EV SSL certificates  and secure digital certificates . Trustwave has helped hundreds of thousands of organizations-ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers-manage compliance and secure their network infrastructures, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia. For more information, visit

Latest News Releases

New Trustwave SpiderLabs Research Exposes Unique Cybersecurity Threats Facing Education Industry

Chicago – February 22, 2024 – Trustwave, a leading cybersecurity and managed security services provider, today released comprehensive research uncovering unique cybersecurity threats faced by...

Read More

Trustwave MailMarshal Now Available on Microsoft Azure Marketplace

Chicago – February 1, 2024 – Trustwave, a global cybersecurity and managed security services leader, today announced the availability of Trustwave MailMarshal on the Microsoft Azure Marketplace, an...

Read More

Aquion and Trustwave Announce Strategic Partnership to Boost Cybersecurity in Australia and New Zealand

Sydney, Australia - Jan 30, 2024 - Aquion, a specialist in value-added software distribution, proudly announces its strategic partnership with global managed cybersecurity leader Trustwave. This...

Read More