Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Say Hello to SpiderLabs: The Team Behind Trustwave’s Security Product Offerings

SpiderLabs is among the most well-respected teams in the cybersecurity industry, having gained a reputation for conducting cutting-edge research, plying the foggy corners of the darkweb for information, and detecting and hunting down threats.

What is less well known is how Trustwave’s SpiderLabs’ various teams’ function and then pull together to create the formidable force that is the backbone of all of Trustwave’s offerings.

With this article, Trustwave is kicking off a blog series that will take deep dives into each of the SpiderLabs teams, discuss exactly what each is responsible for, some of their more notable achievements, and how they work to keep our clients safe.

But first a quick overview.

Trustwave SpiderLabs Basic Structure

SpiderLabs is comprised of four primary teams, Security Research, Security Testing, Threat Hunting and Digital Forensics and Incident Response. Each is tasked with a specific set of goals and all work to support Trustwave’s world-class product line-up.

Security Research – This team has dozens of security experts who collect, analyze, and share intelligence from multiple sources, such as the darkweb and open-source intel. The team makes Trustwave services and products more effective by analyzing recent attacks, threats, and vulnerabilities, and then creating update detection rules across our solutions.

The team also attempts to help the broader cybersecurity community by discovering and then alerting organizations of vulnerabilities in their products so they can be quickly mitigated. This information is dispersed through publishing more than 50 blogs and advisories per year.

  • 50+ security blogs and advisories published annually
  • Dozens of vendor product vulnerabilities discovered annually
  • Innovative machine learning tactics for inspecting web content and the Trustwave MailMarshal product to identify malicious email threats
  • Contributors to the cyber security industry with new tools (Responder, SocialMapper, CrackQ, etc.) and additions to the MITRE and ATT&CK frameworks

Security Testing –  These SpiderLabs members ensure clients are safe, that there are no threats residing inside their systems, and that they are prepared to defend themselves in the event of an attack.

These team members spend their days scanning client environments to identify known vulnerabilities and attempting to expose any weaknesses by proving they can be exploited. This team also has a proactive role and can conduct simulated attacks to test defenses.

Conversely, they can take on the role of defender and conduct simulated defense scenarios to thwart simulated attacks.

Finally, with all of this information gathered, the security testers can provide advice on how a client can properly defend itself.

Threat Hunting – This SpiderLabs team’s activities reflect its name by proactively searching for and finding threats and vulnerabilities before they can cause a problem.

Threat hunters conduct recurring strategic hunts against a specific threat for subscribed clients and in other cases set up and run one-time strategic hunts per a client request.

In both cases, they are able to identify active adversaries ‘living’ in environments and discover unknown vulnerabilities that if left unchecked, can put clients at risk of compromise.

Digital Forensics and Incident Response (DFIR) – These team members are Trustwave’s first responders. DFIR is on call 24x7 for retainer-based clients or can be brought in by an organization that has been struck by a cyber incident.

DFIR members are trained for rapid engagement for emergency breaches for any company, capable of identifying the source of the breach and the extent of the damage and starting the process of mitigation and recovery.

DFIR also holds proactive consulting and preparedness training for clients, so they are ready to handle an emergency. 

In the coming weeks leadership from each SpiderLabs team will break down their team’s activity, big wins and how each is integral to helping Trustwave ensure the cyber safety of its clients.



8 Reasons to use a Programmatic Approach to Penetration Testing

One of the essentials of your security defenses should be an organized and programmatic approach to penetration testing.


Latest Trustwave Blogs

Defending Healthcare Databases: Strategies to Safeguard Critical Information

The healthcare sector continues to be a primary target for threat actors, with 2023 seeing a record number of data breaches and compromised records. While successful attacks are inevitable, it’s...

Read More

Trustwave SpiderLabs: Ransomware Gangs Dominate 2024 Education Threat Landscape

The security teams manning the defenses at the higher education and primary school system levels often find themselves being tested by threat actors taking advantage of the sector's inherent cyber...

Read More

LockBit Takedown: Law Enforcement Disrupts Operations, but Ransomware Threats Likely to Persist

The news that US, UK, and other international law enforcement agencies disrupted LockBit is welcome, as stopping any threat group activity is always a positive. The unfortunate aspect is this blow...

Read More