The Trustwave Fusion Platform: A Window Into Your Penetration Test

One of the lesser-known but extremely important roles that the Trustwave Fusion portal, known as the Fusion Security Testing Suite (STS), plays is as a conduit for our clients when running a penetration testing program.

Over the last few months, we've written about Red Team and Purple Team penetration testing and the need to discover vulnerabilities before they become a problem. While those blogs covered the need for different types of testing, we also wanted to cover the process and tools used by our Trustwave SpiderLabs pentesters.

So, how do we go about conducting a penetration test and then present the results to our clients?

To start with, Trustwave's process has been in place for more than 10 years and is tied directly to our industry-leading Fusion platform. 

Fusion is a cloud-based cybersecurity platform that serves as the foundation for the Trustwave Managed Security Services, Managed Detection and Response, and other cybersecurity offerings. Generally, Fusion gives clients an up-to-the-minute, single pane of glass view into their security situation, but it also serves an essential role in our pentest program.

Here we utilize a remarkable aspect of Fusion, the Security Testing Suite (STS), which gives the client an incredibly detailed view of the results of their pentest. As a result, Trustwave does not merely print out a report, drop it on the client's desk and leave. 

Fusion STS brings visibility into the process and scalability, allowing Trustwave to conduct pentests for any size organization, from a small or medium-sized business to enterprise-class. 

Trustwave's Penetration Testing Process

So, before a client gets to the point when information is available on Fusion, a pentest must be set up. The first step has a client purchasing the credits needed to run the test and then putting together a testing plan.

The Fusion STS enrollment page.

Three types of tests can be conducted. The first is a managed test that includes basic hygiene checks. Next is system scanning with actionable findings for remediation. Third are network and application penetration tests. We can also deliver ad hoc testing via the portal with more traditional day rates. (Please click here for a complete breakdown of Trustwave's offerings.) Each of the three test types has four tiers of service:

  • Basic – a simulation of a basic attack executed by an attacker of limited sophistication with minimal skill, typically using freely available automated attack tools
  • Opportunistic – a simulation of an opportunistic attack executed by a skilled attacker that does not spend an extensive amount of time executing highly sophisticated attacks, typically seeking easy targets using a mix of automated tools and manual exploitation
  • Targeted – a simulation of a targeted attack executed by a skilled and patient attacker expending a significant effort trying to compromise a specific organization’s systems
  • Advanced – a simulation of an advanced attack executed by a highly motivated, well-funded and sophisticated attacker, who will exhaust all options for compromise before relenting

Setting an Assessment Schedule

Once testing has been purchased, as a package or otherwise, our operations team creates an account enabling each side to schedule an assessment. Retesting can also be purchased and scheduled to ensure the client fixed any issues found by the test.

Once the test is scheduled and the prerequisites have been entered into STS, it appears in the consultant view ready to be picked up or assigned. The team then ensures that the client has completed all the test prerequisites and that they are working as intended.

Once all these ducks are in a row, the test begins and is generally completed within the testing window for the particular piece of work. 

We are capable of testing applications, internal and external networks, and infrastructure, along with red and purple team exercises. Cloud and OS configuration reviews, as well as other bespoke engagements, are also covered.

Once the testing is complete, adhering to industry standards and the test classes defined in our delivery model, we send the test for QA.

The QA team makes sure the report is not only technically correct but grammatically on target and that all the methodologies we are supposed to use were, in fact, followed during the test. This team also ensures the testing is consistent.

The report is then made available to the client within the portal.

Problems are Uncovered, What's Next?

Once the process is completed, and the client has viewed the results in Fusion STS, we discuss how to fix the issues.

This aspect generally falls into a couple of categories. 

First, the report includes recommendations made by the Trustwave team on how to rectify any problems, along with a detailed description and the supporting reference information related to the problem(s).

Generally, a client takes this information and fixes the problems internally. Trustwave's role is to conduct a follow-up or maintenance test to check that the client's remediation actions have fixed those issues.

However, if a client does not have the internal capability to fix the problem, the client can call upon SpiderLabs to assist in remediation.

The Trustwave Difference

Trustwave believes in creating a direct and strong connection with all of our pentest clients. Therefore, we do not run a test, generate a PDF report, and then just toss it back to the customer and move on. 

Fusion STS gives clients a centralized place where all their tests live. So, if you are running hundreds of pentests over a period of time, all of them can be found in Fusion STS. This single pane of glass not only gives 24/7 visibility, but if the client contact leaves that company, their replacement has instant access without having to dig through emails or sort through a paper trail.

Fusion STS also has an API which allows all parties to track a problem from discovery to mitigation. The system assigns findings a unique identifier that we use to follow the workflow within the portal. The outcome can then be used for integration into ticketing systems such as those found in ServiceNow, saving clients a great deal of manual data entry.

We believe this capability is incredibly useful because a client can track the life cycle of that vulnerability in an automated way to the point where we can close that vulnerability. 
