Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

12 of the biggest things Trustwave did in 2013

This past year was an eventful one for Trustwave - as it was for the entire information security industry. As data breaches rolled on, malware advanced and compliance requirements stiffened, Trustwave responded with updated products and services, stronger-than-ever intelligence and expertise, and unwavering curiosity.

Below is a list of some of our proudest accomplishments during this past year, starting with the most recent. This assortment of successes ranges from the wacky and wild - hacking reporters and "smart" technologies to showcase important vulnerabilities - to achievements that had immediate and far-reaching effects - discovering millions of passwords on a criminal web server - to the actionable: launching cutting-edge products and services that keep your business better protected from harm and more compliant with requirements every single day.

1. We found a server containing two million credentials - Our researchers discovered a criminally operated server that contained two million usernames and passwords for popular websites such as Facebook, Twitter, LinkedIn, Yahoo and Google. The credentials were stolen thanks to malware known as Pony.
2. We got inducted into an "Innovation" Hall of Fame - SC Magazine named us a 2013 Hall of Fame Industry Innovator for our Trustwave Secure Web Gateway technology.  We also were named finalists for the 2014 SC Magazine Awards for Best Customer Service, Best Network Access Control, Best Web Application Firewall and Best Web Content Management Solution for Trustwave Secure Web Gateway. The winners will be announced in February during a ceremony coinciding with the RSA Conference.

3. We double-downed on Managed Security Services - To help alleviate pressures businesses face regarding staff and skills shortages, budget constraints, more complex threats, new technologies (i.e. BYOD) and an increasing amount of data flowing through their networks and applications, Trustwave launched a new suite of Managed Security Services. The suite includes Trustwave Managed SIEM, Managed Secure Web Gateway, Managed Web Application Firewall and Managed Email Security.

4. We acquired Application Security Inc. and SecureConnect - We made two important acquisitions this year - acquiring Application Security Inc., a leading provider of database security products, and SecureConnect, a leading managed security services provider in the franchise and hospitality industries. The acquisitions extend and enhance our capabilities in protecting information from all standpoints - network, mobile, applications and databases - and across all industries - franchises, hospitality, financial institutions, retail and more. Welcome to the family!

5. We hacked a reporter - Pandodaily editor Adam Penenberg asked our SpiderLabs research team to hack him because he was curious just how easy it is to erode someone's privacy in the digital era. In just a few weeks, after camping out near his apartment in Brooklyn, N.Y., our researchers were able to remotely gain access to Penenberg's bank account, W-2 information, Amazon account, Twitter account and other personal information. Although this project specifically focused on an individual, businesses also hire us to do these types of ethical hacks to identify weaknesses in their security and help fix them.

6. We gave you the FYI on PCI - Through various news stories and blog posts written by our risk and compliance experts, we provided fresh insight regarding the updated PCI DSS 3.0 standard, how you should tackle the new requirements and what's lacking.

7. We launched Managed Security Testing - In October, we launched our new subscription-based, penetration testing service that can more efficiently and regularly identify security weaknesses within networks and applications. Organizations can schedule, manage and adjust penetration tests based on their business priorities and security needs by using our cloud-based portal, Trustwave TrustKeeper.

8. We showed how "smart" technologies are not that smart - At Black Hat USA in Las Vegas over the summer, Trustwave researchers Daniel Crowley and David Bryan demonstrated how they hacked into "smart" automation technologies in a matter of minutes. By exploiting security vulnerabilities in these kinds of products, Crowley and Bryan were able to control door locks, lights, cameras and other devices through a few simple clicks on a laptop.

9. We launched a Mobile Security Practice - In 2013, businesses everywhere saw a continued boom in employees using their mobile devices in the workplace. To help them embrace BYOD and mobility in general, we announced the Trustwave Mobile Security Practice. It includes enterprise mobility assessments, "self-sealing" network protection and comprehensive penetration testing specifically for mobile.

10.  We opened new Security Operations Centers - To support the growth of our Managed Security Services in the Asia-Pacific region, we opened a security operations center (SOC) in Manila, the capital of the Philippines. The center not only supports clients who are headquartered in Asia Pacific, but also large, multinational businesses with operations in the region. We also added a new SOC in Minneapolis through our SecureConnect acquisition. Trustwave now operates five SOCs worldwide - in Chicago, Denver, Minneapolis, Manila and Warsaw, Poland.

11.  We released our annual Trustwave Global Security Report - We compiled data from global data breach investigations, penetration tests, network and vulnerability scans, and a whole lot more to produce a fascinating, 78-page industry close-up of statistics and trends. This landmark report not only helps security pros better understand where to focus their attention, but also makes IT threats and weaknesses understandable to the layperson. Among the findings: Retail was the most targeted industry in 2012, mobile malware exploded by 400 percent and businesses took an average of 210 days to detect an attack.

12.  We took ethical hacking to new heights - Last but not least, Trustwave researcher Ryan Jones brought the term "ethical hacking" front and center after describing how he dresses in various costumes to break into businesses (with permission, of course) and gain access to their valuable information. Jones is part of our ethical hacking team that is hired by businesses to simulate real-life attacks to identify and help remediate security weaknesses, before it's too late.

So that's a snapshot of our year. Thank you to our customers for allowing us to do what we love in 2013. And here's to even bigger and better in 2014.

Latest Trustwave Blogs

Mining Operations: Critical Cybersecurity Threats & Trends Revealed

Cybersecurity professionals often point out that threat actors do not differentiate when choosing a victim. To an attacker, a hospital is as useful a target as a law firm or even a mining operation....

Read More

Phishing: The Grade A Threat to the Education Sector

Phishing is the most common method for an attacker to gain an initial foothold in an educational organization, according to the just released Trustwave SpiderLabs report 2024 Education Threat...

Read More

Unlocking Cyber Resilience: UK’s NCSC Drafts Code of Practice to Elevate Cybersecurity Governance in UK Businesses

In late January, the UK’s National Cyber Security Centre (NCSC) issued the draft of its Code of Practice on Cybersecurity Governance. The document's goal is to raise the profile of cyber issues with...

Read More