A discussion on the differences between MDR and MSSP services and how some of the overlaps may be causing confusion for security leaders in search of assistance in protecting their organizations.

The list of obstacles security leaders experience to reach an ideal state of cyber resiliency in a multi-cloud environment is long, but important steps and decisions need to be made when it comes to the following three areas.

The Department of Defense previously had an honor-system in place for contractors and subcontractors to meet cybersecurity compliance. This is all about the change with the introduction of the Cybersecurity Maturity Model Certification. Here are five important facts that you need to know and prepare for as the requirements are baked into RFIs and RFPs in 2020.

As business email compromise attacks continue to rise, impacting organizations across sectors, one can help but think what could be on the horizon as cybercriminals continue to leverage emerging technology. Here, we explore how deepfake technology may be a future asset for threat actors.

A discussion on the capabilities that would make a hybrid SOC partner most successful and key items organizations should focus on if they’re thinking of embarking on a hybrid SOC journey.

Digital crooks won’t start off their attack campaigns by spending hours on developing custom file payloads or trojans. They’re looking for the path of least resistance, and most of the time, that’s by exploiting a misconfiguration in their target’s network.

Security organizations that embrace adaptive security are both agile when it comes to the threat landscape, but also continue to evolve proactively through the threat research and intelligence sharing it consumes. Here are steps you should take to point the security organization in the direction of becoming an agile and proactive function.

Far too much information that either carries too little or too much value is stored in databases, making it difficult to manage at times from an information security standpoint. Trustwave Senior Product Manager Thomas Patterson discusses how security leaders can minimize the value in their databases and provides a good rule of thumb to follow when it comes time to decide what should and shouldn’t be kept in the database.

By now, you’re likely familiar with the terms “penetration testing” and “red teaming,” but if it’s time for you to decide which option is best for your organization, we’ve provided a concise breakdown with the help of some of our Trustwave SpiderLabs experts.

A conversation surrounding the dichotomy of taking a hybrid cloud approach, why the human error factor is multiplied in this case, and the most important steps security leaders should be taking when protecting hybrid cloud environments.

Today, more and more businesses facing cyber risk are looking for new ways to mitigate it and any potential data losses. While you may not be in the process of buying cybersecurity insurance, there is some fundamental knowledge to grasp before making your decision outlined here.

Brian Hussey, vice president of cyber threat detection and response, focuses on providing security leaders with advice on what they can do to reduce dwell time in their environment.

Considered one of the most significant privacy developments in the U.S. to date, the Califonia Consumer Privacy Act goes into effect on January 1, 2020, and is expected to impact organizations far beyond the state of California. Here's what it means for the security organization.

A single security policy that stretches across your multi-cloud environment won't cut it. Featuring expert advice from Trustwave's Senior Vice President of Managed Security Services, Chris Schueler, this interview provides approaches that will and won't work.

Trustwave Senior Product Manager Thomas Patterson breaks down what it means for security leaders to protect "the last mile," in addition to highlighting some of the major security threats aimed at databases today.

Trustwave SpiderLabs Senior Security Research Manager Karl Sigler discusses the problems that encrypted malicious activity poses, but offers up solutions that security leaders can use to overcome them.

Time is money for auditors, but when their tasks involve too much manual work, inefficiency rears its ugly head, causing major gaps in performing tasks effectively. Here's a breakdown of the three most inefficient tasks tied to database audits.

Not every organization needs an in-house security operations center. But if yours is prepared to build one out, here are some thoughts and considerations to keep top of mind before you get started.

With the release of the Trustwave Fusion platform, the traditional dichotomy of customer and security partners is erased, giving security leaders the ability to take action on protecting assets and exterminating threats as they occur.

To reach the ideal security culture within your business, there are three primary areas you should focus on to get the most bang for their buck out of their security awareness programs.