Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

14 Things Trustwave Did in 2014 That Should Excite You

2014 was another busy year for Trustwave. We spent countless hours protecting businesses worldwide from sophisticated threats and crippling data breaches. We also unveiled fresh security research and announced cutting-edge security services that help businesses stay ahead of the criminals and fill the in-house security resource gap that plagues businesses worldwide.

Here are some of our crowning achievements over the past year:

  1. We were named a Leader for our Managed Security Services.

    In the latest Forrester Research evaluation of managed security services providers - "The Forrester Wave™: Managed Security Services: North America, Q4 2014" - Trustwave received the highest scores possible for services delivery capability, service-level agreements (SLAs), continuous monitoring capability, 2013 North American clients, as well as client and revenue growth for 2013. It also noted that Trustwave "customers were very positive and praised the company's responsiveness."

  2. In a bold move, we guaranteed zero malware.

    Through our new "Zero Malware Guarantee" program, Trustwave guaranteed to detect and stop 100 percent of malware propagated over the web for businesses that use the Trustwave Managed Anti-Malware Service. The service, which went live in 2014, gives businesses the ability to address malware and zero-day vulnerabilities, as well as blended and advanced persistent threats, without having to worry about policy adjustments, fine-tuning and device management.

  3. We offered expert testimony to Congress.

    Amid an outbreak of data breaches affecting well-known retailers, the House Committee on Energy and Commerce called on Trustwave Senior Vice President of Government Solutions and Special Investigations Phil J. Smith to offer testimony about how criminals launch their attacks, who they typically target and how businesses can better prepare for, protect against and respond to breaches.

  4. We helped IT pros alleviate security pressures.

    As rapidly as data breaches are occurring, IT pros are racing to keep their organizations protected from them. Our 2014 Security Pressures Report highlighted security concerns that create the largest strains for these practitioners and offered recommendations to help alleviate those strains.

  5. We were shortlisted as finalists for our products and customer service.

    As part of the 2014 SC Magazine Awards, we were named finalists for Best Customer Service for Trustwave Managed Security Services, Best Web Content Management Solution for Trustwave Secure Web Gateway, Best Web Application Firewall Solution for Trustwave Web Application Firewall, and Best Network Access Control Solution for Trustwave Network Access Control.

  6. We helped businesses put security first.

    Starting Jan. 1, any business that stores, processes or transmits payment card data must use version 3.0 of the Payment Card Industry Data Security Standard (PCI DSS) to attest compliance. But PCI requirements merely are the ground floor for security. Through our managed security and compliance services, we have been helping businesses enhance their security first, so they inherently achieve and maintain compliance. We also announced a new alliance with First Data, the global leader in payment technology and services solutions. By joining forces, we are bringing a new level of information security to millions of small and mid-sized businesses.

  7. We used real evidence to help companies better understand threats.

    Our 2014 Trustwave Global Security Report is a landmark compendium of compromise and threat statistics that we gathered from hundreds of data breach investigations conducted across the world and telemetry pulled from our award-winning technologies and global security operations centers.

  8. We strengthened our security testing services.

    In March, we acquired Cenzic, a leader in application security testing. The acquisition united Cenzic's dynamic application security testing (DAST) technologies with our Trustwave cloud-based application, database and network penetration testing and scanning services to create one of the industry's broadest, integrated security testing platforms.

  9. We identified common security deficiencies and offered advice.

    IT and security professionals worldwide participated in a global survey that asked them about their organization's susceptibility to risk. We compiled the 476 responses to create the 2014 State of Risk Report. The report identifies the most common points of deficiency across organizations and offers recommendations to remediate them.

  10. We identified and analyzed the "Backoff" malware.

    In partnership with the U.S. Secret Service, our forensic investigators were the first to identify and name the Backoff malware that infected more than 1,000 businesses in North America. The malware targets point-of-sale systems by exploiting weak passwords on remote access software. Law enforcement officials informed our team about a retail breach and asked us to analyze and identify the malware. We found it to be a unique family, meaning researchers had never seen it before. Check out the U.S. Department of Homeland Security alert here.

  11. We expanded our ethical hacking facilities and capabilities.

    To enhance our security testing capabilities, we created a physical lab in our Chicago headquarters to give our SpiderLabs testers more room to identify and remediate security weaknesses across networks, applications, databases and devices. Inside the lab, our team uses equipment to infiltrate technologies, such as ATMs, point-of-sale devices and surveillance systems. The goal is to conduct research, assist in forensic investigations and perform security testing for clients.

  12. We helped you deal with the big three: HeartbleedShellshock 
    and POODLE.

    As the security community worked tirelessly to deploy patches for the zero-day vulnerabilities that shook the core of the internet, we built defenses into our products and educated businesses worldwide about steps they needed to take to stay protected. Security controls such as automated vulnerability scanning and penetration testing play an essential role in identifying and remediating these kinds of vulnerabilities.

  13. Our technologies received international seals of approval.

    Trustwave Secure Web Gateway and Network Access Control achieved Common Criteria Validation. The internationally approved validation gives confirmation to government agencies and enterprises across at least 26 countries that our products, through independent evaluation, have met specific security standards.

  14. We verified that employees still do not know enough about security.

    Which is your favorite password? Do you click on suspicious links in emails? Have you ever lost a phone with corporate information on it? In conjunction with National Cybersecurity Awareness Month, we hit the streets of Chicago to ask employees about their #securitysmarts. We used the responses in a weeklong video series to underscore how many employees are not security savvy - which is why it's critical employers have controls in place to protect their valuable information, in case a worker has a brain freeze.

So that's a snapshot of our year. Thank you to our customers for allowing us to do what we love in 2014. And here's to an even bigger and better year in 2015.

Robert J. McCullen is Chairman and CEO of Trustwave.

Latest Trustwave Blogs

Mining Operations: Critical Cybersecurity Threats & Trends Revealed

Cybersecurity professionals often point out that threat actors do not differentiate when choosing a victim. To an attacker, a hospital is as useful a target as a law firm or even a mining operation....

Read More

Phishing: The Grade A Threat to the Education Sector

Phishing is the most common method for an attacker to gain an initial foothold in an educational organization, according to the just released Trustwave SpiderLabs report 2024 Education Threat...

Read More

Unlocking Cyber Resilience: UK’s NCSC Drafts Code of Practice to Elevate Cybersecurity Governance in UK Businesses

In late January, the UK’s National Cyber Security Centre (NCSC) issued the draft of its Code of Practice on Cybersecurity Governance. The document's goal is to raise the profile of cyber issues with...

Read More