Blogs & Stories

Trustwave Blog

The Trustwave Blog empowers information security professionals to achieve new heights through expert insight that addresses hot topics, trends and challenges and defines best practices.

Getting MDR Right: How to Prepare Your Organization for Effective Managed Detection and Response

Don’t have a team of security experts and trained incident responders ready to respond and remediate the latest threats? You’re not alone, most organizations, especially at the mid-size, struggle to adequately staff their security teams to meet the rising number of threats. This is one of the reasons why organizations increasingly look to an outside partner to help them manage their endpoint detection and response.

CMMC 1.0 Is Out, Now What? The Five Critical Steps Everyone Must Follow

The Department of Defense (DoD) has officially published version 1.0 of its Cybersecurity Maturity Model Certification (CMMC) approach. DoD contractors are now trying to figure out what comes next. Since all DoD contractors will need to obtain a CMMC certification at some point, all of them must spend time to create a strategy and develop/implement a plan to get there. To help you jumpstart the process, we've put together the five steps you’ll need to follow. These can be used as milestones as part of an implementation project plan.

Hazard Reduction: 5 Steps to Adapt Your Cybersecurity Strategy for 2020

As security leaders kick off the New Year with fresh perspectives and goals aimed at measurably reducing cyber risk within their respective organizations, it may be time to revisit data protection strategies. Here, Nick Ellsmore, director of consulting and professional services, APAC, at Trustwave, highlights five key areas to focus on to take an adaptive approach to cybersecurity as our lap around the sun once again begins.

10 Essential Cybersecurity Tips for Businesses

Knowledge is power when it comes to cybersecurity, which is why members of the Global Telco Security Alliance have provided businesses and other organizations with 10 key insights they should know about the state of cybersecurity.

Experts Q&A: A 2019 Review of Cybersecurity and What to Expect

As 2019 is behind and the road to 2020 seems like a far stretch ahead, we once again checked back in with some folks from the elite SpiderLabs team at Trustwave to get their thoughts on what’s taken place, but most importantly, what 2020 could have in store for us.

Spider Tales: The Top 9 SpiderLabs Stories of 2019

After a slew of big events in 2019, we’ve decided to compile a list of the top nine SpiderLabs posts of the year that feature insights on malware, penetration testing tools and techniques and one major vulnerability disclosed.

CrackQ: 5 Questions with the Password Cracker's Creator

The Trustwave SpiderLabs experts are known for the open-source security projects they release throughout the year. We caught up with the creator of the latest tool, dubbed CrackQ, for a breakdown of what it is and what it offers for Red Teams.

What Attackers Aim to Compromise in Cloud Environments

As modern-day organizations continue to increase their workloads in the cloud, attackers are taking aim and shifting their tactics to compromise them. This Q&A features insights on what cybercriminals prefer to target in cloud environments.

3 Multi-Cloud Environment Challenges to Overcome

The list of obstacles security leaders experience to reach an ideal state of cyber resiliency in a multi-cloud environment is long, but important steps and decisions need to be made when it comes to the following three areas.

The Cybersecurity Maturity Model Certification: 5 Important Things to Know and Prepare For

The Department of Defense previously had an honor-system in place for contractors and subcontractors to meet cybersecurity compliance. This is all about the change with the introduction of the Cybersecurity Maturity Model Certification. Here are five important facts that you need to know and prepare for as the requirements are baked into RFIs and RFPs in 2020.

BEC Campaigns: Is Deepfake Tech a Cybercriminals Next Biggest Asset?

As business email compromise attacks continue to rise, impacting organizations across sectors, one can help but think what could be on the horizon as cybercriminals continue to leverage emerging technology. Here, we explore how deepfake technology may be a future asset for threat actors.

Embarking on a Hybrid SOC Journey

A discussion on the capabilities that would make a hybrid SOC partner most successful and key items organizations should focus on if they’re thinking of embarking on a hybrid SOC journey.

Misconfigurations: A Hacker’s Path of Least Resistance

Digital crooks won’t start off their attack campaigns by spending hours on developing custom file payloads or trojans. They’re looking for the path of least resistance, and most of the time, that’s by exploiting a misconfiguration in their target’s network.

Becoming Agile in Today’s Cyber Climate

Security organizations that embrace adaptive security are both agile when it comes to the threat landscape, but also continue to evolve proactively through the threat research and intelligence sharing it consumes. Here are steps you should take to point the security organization in the direction of becoming an agile and proactive function.

Stay Connected


Sign up to receive the latest security news and trends from Trustwave.

No spam, unsubscribe at any time.

Blog Categories

Trending Topics