Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Gartner Names Trustwave in 2023 Market Guide for Digital Forensics and Incident Response Retainer Services

The industry analyst firm Gartner has named Trustwave as a Representative Vendor in its 2023 Market Guide for Digital Forensics and Incident Response Retainer Services. This distinction comes on the heels of Trustwave being named a Representative Vendor in Gartner’s 2023 Market Guide for Managed Detection and Response (MDR).

“Trustwave is honored to be named as a Representative Vendor for DFIR by Gartner,” said Trustwave CEO Eric Harmon. "The rapidly changing threat landscape is leaving organizations vulnerable, and we pride ourselves on not only being able to help our clients stay secure, but on having our world-class SpiderLabs team ready 24/7 to react quickly and decisively if a security incident occurs. Our global SpiderLabs security experts have extensive experience with the tools and techniques used by today's advanced attackers, allowing us to stay ahead of modern threats.”

Trustwave’s global SpiderLabs security experts have extensive experience with the tools and techniques used by today's advanced attackers, allowing us to stay ahead of modern threats.”

Trustwave will be on the floor at the 2023 RSA Conference. Our team is ready to meet with any interested parties to learn more about our DFIR, Managed Detection and Response and other security solutions during the show. To schedule a meeting click here or you can stop by Booth N5480.

To be named as a Representative Vendor for Digital Forensics and Incident Response (DFIR), Gartner said a security firm must offer proactive services (before an incident occurs) to include creation and/or review of incident response policy and processes, configuration of endpoint detection and response (EDR) technology, and other activities to increase incident preparedness. Additionally, reactive services (after an incident occurs) must include forensic collection, notification of relevant government agencies, determining the source of the breach, and other postmortem activities.

“Digital forensics and incident response retainer services are a great way to augment capacity and capability when responding to cybersecurity incidents. Security Risk Management (SRM) leaders should use this research to understand the DFIR market, evaluate trends, refine requirements, and identify market players,” the Gartner report stated.

Gartner defines DFIR as those that help organizations identify the extent of, and deal with security incident investigations, forensic response and triage, and security breaches. They generally offer a combination of digital forensics (DF), incident response (IR), and related proactive and reactive security services. DFIR is mostly delivered as a retainer-based service and is intended to work with the end user’s in-house DFIR processes and procedures.

DFIR solutions providers also must have the ability to:

  • Investigate malicious activity;
  • Reverse engineer malware;
  • Obtain threat intelligence;
  • Assist with incident recovery, from initial detection to incident postmortems, that allow for better detection and response processes for future security events.

Gartner’s Guide also notes that DFIR providers must go beyond simple proactive solutions and offer pre-emptive services such as red teaming and tabletop exercises, to prepare for a security incident. Additionally, the analyst firm believes targeted assistance, such as penetration testing and training workshops should be offered.

Trustwave has an extensive Enterprise Pen Testing program that is conducted by the elite Trustwave SpiderLabs team, which is CREST-certified for Penetration Testing and Simulated Target Attack & Response (STAR) Penetration Testing.

Additional recommendations from the Gartner Market Guide for organizations looking to add DFIR capabilities:

  • Consider purchasing a prepaid DFIR retainer to ensure preferential response times, reduced rates, and access to services that support their DFIR requirements.
  • Check with their cyber insurance policy provider to determine whether they have specific requirements or preferences for incident response services.
  • Consult their cyber insurance provider to determine whether having a DFIR retainer in place lowers their premiums.
  • Have a list of recommended DFIR service providers in place to ensure coverage in the event of an incident.

Trustwave’s DFIR Solution Delivers

Trustwave’s approach to DFIR is to bring clarity during what will be a very complicated situation for clients. Trustwave DFIR consulting services work with a client to determine the cause, and extent of a security breach quickly, and to better prepare for the inevitable incident.

Trustwave’s services help clients cut through the fog and complexity that surrounds a cyber incident.

A DFIR consulting retainer will ensure that Trustwave SpiderLabs experts are on standby as your first responders to a security breach. Trustwave can launch a forensic investigation at a moment’s notice. With DFIR experts stationed all around the globe, an expert first responder is only a phone call away, ready to determine the root cause of a breach, minimize its impact, and preserve key evidence.

Here is what an organization receives with a Trustwave DFIR retainer:

  • Speed: DFIR responder on-call 24/7 with 2-hour remote triage / in-transit within 24 hours if on-site work is required.
  • Priority: DFIR Retainer client cases get immediate priority over emergency services work.
  • Lower cost: A pre-negotiated rate is lower than standard consulting fees.

A DFIR retainer also offers flexibility in service delivery. In addition to access to all Trustwave SpiderLabs resources and services to ensure the most effective response, unused hours may be redirected to other IR Readiness services (minimum levels apply).


Latest Trustwave Blogs

DOJ Disrupts Russian Botnet Created Using Unchanged Admin Credentials

The US Justice Department conducted a court-authorized operation in January that thwarted an on-going Russian GRU botnet campaign that used unchanged publicly known default administrator passwords to...

Read More

Lessons to be Learned: Attacks on Higher Education Proliferate

Trustwave SpiderLabs is wrapping up a multi-month investigation into the threats facing the education sector, across higher education, primary and secondary schools. Trustwave will post the 2024...

Read More

Understanding Why Supply Chain Security is Often Unheeded

Many organizations downplay the critical aspect of whether their cybersecurity provider has the ability to properly vet a third-party vendor's cybersecurity posture.

Read More