
Part 2: Is an RFP the Best Use of Your Organization’s Resources?

Yesterday I wrote about some common Request for Proposal (RFP) pitfalls we have seen over the years at Trustwave (Part 1).

Trustwave offers a wide range of services, from Managed Detection & Response (MDR) and managed SIEM services built on Splunk, QRadar, LogRhythm and Microsoft Sentinel, to security testing and complex Red Team engagements, so we've seen numerous styles and approaches in the format and presentation of the requests.

This writing reawakened an earlier train of thought about changing the security industry's mindset toward the RFP process. In cybersecurity, a single solution or vendor rarely meets an organization's needs entirely. There are naturally varying degrees to this sweeping statement, but by the time we reach the workshop stage of nearly every engagement, we find the client has matured since the start of the engagement: they've had additional discussions and continued to refine their requirements.

This change means the RFP document started six months ago is no longer relevant—either in part or in its entirety.

For example, during the period the RFP was being written, the business has come to understand its requirements more fully, so the initial list of 42 mandatory items is now down to only five elements. Alternatively, a previous requirement that mandated onsite data storage has since been superseded by a cloud-first mantra as a result of the growth in remote employees.

So why do we put ourselves through this process? Is this a bizarre Stockholm Syndrome in which we lie captive, wanting to hear a vendor's strategies or marketing-approved answers that make each sound fabulous, with only the best security people in the world? It could be. But I'm pretty sure we can do better.

Improving the RFP Process

There are numerous ways the RFP process can improve. We could even start a think tank and call it The Stockholm Group. As an example, I’ve outlined an alternate method to simplify an organization’s procurement procedure.

  • Select five vendors/service providers your peers have recommended and/or that have scored highly in a respected third-party evaluation (e.g., Gartner, Forrester, etc.).
  • Invite them to an introductory call.
  • Present the challenge(s) you would like them to solve.
  • Supply each vendor with the presentation and any other relevant details.
  • Book workshops with each vendor.
  • Give them 2 hours to present their solution.
  • Discern the reality of what they can deliver: this is not simply a sales pitch; you must know the ins and outs of the solution, how it will solve your business need, how it operates within your existing structure, and the responder company's SLAs around implementation, support, etc.
  • Narrow down the field to two finalists.
  • Schedule a final workshop with each to address any unanswered questions or concerns.
  • Negotiate – don't skip this part! You will ultimately regret "settling" for a solution or price that wasn't your intended goal.
  • Sign contracts and start implementation.
  • Live happily ever after.

Above all, be transparent with the vendors. Tell them why you ultimately opted to go with a competitor and what they could have done differently to win the business. You could potentially influence their future roadmap to consider different capabilities, or at the very least, assure the salesperson that they haven’t completely failed for not securing your business.

The aim of any new approach should be to more efficiently and accurately obtain the necessary information and achieve the outcomes both parties are striving for. This streamlined process can significantly reduce the time from initiating the RFP to implementation and improve the quality of the vendors’ responses.

If you would like to talk to our dedicated RFP team on your current or future RFP plans, feel free to get in touch at
