Blogs & Stories

Trustwave Blog

The Trustwave Blog empowers information security professionals to achieve new heights through expert insight that addresses hot topics, trends and challenges and defines best practices.

Trustwave MailMarshal, Formerly Trustwave Secure Email Gateway – Receives Recognition for Industry-Leading Email Security Capabilities

Most of you that are familiar with Secure Email Gateway products know the MailMarshal name and know that its name was changed to Trustwave Secure Email Gateway almost ten years ago when Trustwave acquired M86 Security.  Over the years, MailMarshal, known for its email threat protection and detection accuracy, continues to be recognized by many across the industry and has retained a decades-long and loyal client base.

World-Class MSS DNA Makes MDR All the More Powerful

Trustwave was named a Strong Performer and one of the top 9 "Providers That Matter Most" to clients in terms of current capability in the first-ever Forrester Wave for Managed Detection and Response (MDR). Trustwave is also recognized in the Q3 2020 Forrester Wave for Global Managed Security Services Providers as a market leader in "Strength of Current Offering for MSSPs" – positioning us to strongly execute in the pure-play MDR market and, with our leadership in MSS, excel in crossover MDR/MSS service offerings.

The Women of Trustwave SpiderLabs

As the world celebrates International Women’s Day, it’s an unfortunate reality that cybersecurity, like many other industries, is often thought of as a male dominated field. Despite the obstacles, many female cybersecurity professionals are breaking barriers and setting new precedents, like the 5 amazing women interviewed here.

How I Hacked A Nuclear Power Plant

While most of us assume – or at least hope – that nuclear power plants are hardened targets that should be protected by the most advanced digital security possible, is that actually the case? In this interview with Charles Hamilton, Principal Security Consultant for Trustwave SpiderLabs, we discuss his experience conducting a penetration testing exercise for a nuclear power plant.

Covid 19 and the Digital Nomad life

COVID-19 has been disrupting CISO’s cybersecurity programs and changing their priorities. While no one knows when the coronavirus impact will end, although the recent vaccine developments have given us all some hope, we are getting a good perspective on what the new normal will look like – but I am going to talk to 4 key stages in the transformation to a new resilient digital nomad way of workers lives. But what will it change?

The Game Has Changed. Digital Transformation Has Arrived.

Many organizations have rushed to a remote working environment, with no time to prepare and plan a secure course of action, which inevitably leads to gaps in security – and we’ve seen this happen. Clearly and without question, the driver for this “second wave of digital transformation” has been COVID-19. Digging a little deeper, we’ve seen first-hand how quickly some organizations pivoted to the new norm of remote working. Fortunately, Trustwave SpiderLabs has been providing remote penetration testing for a number of years so we were well set for this shift and have been able to carry on with keeping our customers secure.

Requiem for Emotet

With the recent takedown of the notorious botnet known as Emotet, we thought it would be a good time to pause to reflect on the long history of this malware strain and cybercrime operation. To do that, we asked for a perspective from Phil Hay, Research Manager at Trustwave SpiderLabs, who has spent decades tracking and thwarting the Emotet threat.

Discussing the SolarWinds Discovery

With its recent discovery of three new vulnerabilities in SolarWinds products, the Trustwave SpiderLabs team created quite a stir. To get a better understanding of why this finding was so significant, we interviewed Karl Sigler, Threat Intelligence Manager at Trustwave SpiderLabs, to break down what the discoveries were and what organizations should do to protect themselves. Find that video interview in this post.

Data Privacy Day: Best Practices Organizations Should Know

What should organizations do to help keep data private and risks properly mitigated? Listed in this post are a few best practices, with links to resources that can help you learn more about this vital subject matter.

Separating Fact from Fiction in Threat Hunting

We all know that cybersecurity is an industry that lends itself to the occasional overuse of acronyms – and sometimes even buzzwords. When it comes to threat hunting, which is one of the most potent weapons an organization has to find and eliminate breaches, it’s important to be able to separate fact from the fiction. What are the aspect of threat hunting that are really impactful for organizations? To get a grounded perspective, we talked with Shawn Kanady, Director of Threat Fusion & Hunt at Trustwave SpiderLabs and former Director of Digital Forensics and Incident Response.

FTSE100: Cyber and The Board – Where Are We Now?

Is cybersecurity actively being discussed at a board level? Can we identify and understand any trends – for example, are specific industries really good at acknowledging all things cyber while others aren’t? To find out, we analyzed every annual report of each Financial Times Stock Exchange 100 (FTSE100) company.

CISO Data Headaches – CISO Data Solutions

As somebody who regularly speaks to CISOs across different industries, sectors and levels of cyber maturity, Ed Williams, Director of Trustwave SpiderLabs EMEA, has seen first-hand where the headaches exist and what causes these headaches. While all organizations are different and have different risks, finding solutions for those headaches is possible. Here’s what he recommends.

Better Together: How a Secure Email Gateway Can Help Improve Office 365 Security

Office 365 offers unparalleled productivity features that most employees simply can’t do without. But that widespread adoption also makes the platform a big target for malicious actors, who continue to find clever ways to attack organizations. While Office 365 has good built-in security features, is there a way to add even more protection? According to Phil Hay, senior research manager at Trustwave, the answer is yes.

Into the Breach: How 2020 Became A Tipping Point for Cybersecurity

In the year 2020, cybersecurity was thrust into the spotlight in an unprecedented way thanks to what’s being called the FireEye Data Breach & SolarWinds Orion Compromise. In this perspective, we argue that the incident represents a tipping point not only for cybersecurity, but possibly for the world, as threats to information security and data will have an ever-increasing effect on the course of human affairs.

New Year, Same CMMC: What Your Organization Needs to Know Now

With the start of a new year, organizations hoping to do business with the U.S. Department of Defense (DoD) need to be more aware than ever of Cybersecurity Maturity Model Certification (CMMC) requirements. This interview below with Darren Van Booven, Lead Principal Consultant at Trustwave, CMMC Registered Practitioner, and former CISO of the U.S. House of Representatives, can help.

Our Top Blogs of 2020

2020 was a year like no other – and that was reflected in the writing on the Trustwave and Trustwave SpiderLabs blogs, which covered some of the most significant and far-reaching discoveries our teams have ever made, including a massive malware operation that targeted organizations doing business in China. Check out our top blog posts of the year.

2020 and Cybersecurity - A Perspective

Looking back on the year in cybersecurity, Ziv Mador, VP of Security Research at Trustwave SpiderLabs, offers his key insights – and analysis of trends that organizations should prepare for in 2021. #cybersecurity #infosec

Stay Connected


Sign up to receive the latest security news and trends from Trustwave.

No spam, unsubscribe at any time.

Blog Categories

Trending Topics