Connect with our team of offensive security, AI security and pen testing experts at Black Hat Europe 2023. Learn More

Connect with our team of offensive security, AI security and pen testing experts at Black Hat Europe 2023. Learn More

Managed Detection & Response

Eradicate cyberthreats with world-class intel and expertise

Managed Security Services

Expand your team’s capabilities and strengthen your security posture

Consulting & Professional Services

Tap into our global team of tenured cybersecurity specialists

Penetration Testing

Subscription- or project-based testing, delivered by global experts

Database Security

Get ahead of database risk, protect data and exceed compliance requirements

Email Security & Management

Catch email threats others miss with layered security & maximum control

Co-Managed SOC (SIEM)

Eliminate alert fatigue, focus your SecOps team, stop threats fast, and reduce cyber risk

Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
The Trustwave Approach
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Platform
SpiderLabs Fusion Center
Security Operations Centers
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Trustwave Launches Value-Driven Enterprise Pen Testing Offering

Trustwave has enhanced its pen testing offering to now include a high-quality, cost-effective offering to larger organizations. This new Enterprise Pen Testing (EPT) offering is designed to meet the complex testing needs of these organizations with an extensive breadth and depth of vulnerability identification, ability to deliver scaled programs of work, at an extremely competitive price point.

The world-class analysts, threat hunters, and researchers at Trustwave SpiderLabs supports EPT clients with a mix of onshore, nearshore, and offshore pen testers, testing within a CREST-certified methodology and providing high-quality testing in a flexible and cost-effective manner. Furthermore, the EPT service is augmented with a local Technical Account Manager (TAM) who ensures clients receive the most value from their testing investment.

“With over two decades of global industry leadership in vulnerability research and findings, we thoroughly understand the threat landscape of known, unknown, and emerging threats,” said Nick Ellsmore, SVP of Worldwide Consulting and Professional Services at Trustwave. “Our proven methodologies, performed in accordance with industry standards, allow us to find even the most difficult vulnerabilities and provide a world-class testing solution to global enterprises.”

Trustwave has developed targeted and comprehensive testing programs to achieve client’s testing objectives on an ad hoc basis or as part of a long-term testing program. While ad-hoc testing can deliver valuable point-in-time insights, having a pre-established security testing program provides a more holistic view of enterprise risk over time. Additionally, with a dedicated TAM, clients have an expert guide to review findings, develop remediation plans, and manage continuous validation testing.

All EPT encounters deliver a report containing actionable roadmaps for remediation to address gaps, implement patches, and mature your organization’s security.

Meeting Compliance and Regulatory Requirements

Trustwave understands that every organization has a unique mix of regulatory and cybersecurity frameworks as well as a mandate to protect customer and user data.

With clients in multiple industry sectors and located worldwide, Trustwave develops testing programs to meet multiple compliance requirements, such as PCI DSS, CPS234, and MAS cybersecurity regulations.

Trustwave Enterprise Penetration Testing

Trustwave’s EPT offering is a multifaceted approach that not only checks systems for vulnerabilities but can help train security and IT staff to properly defend their organization.

Trustwave offers Vulnerability Management Services to examine a client’s environment to identify gaps within a security program and technology stack. There is no license cost for this service, a fixed price model is available based on weekly, monthly, or quarterly scanning., Scheduling is flexible and designed to meet the client’s needs, and all of this is conducted remotely saving additional costs.

The results of all testing are presented in Trustwave Fusion, a cloud-based cybersecurity platform that serves as the foundation for most Trustwave offerings. The Trustwave Fusion platform is purpose built to meet the enterprise where they are today in their operations and in the future as they embrace digital transformation and contend with a continuously evolving security landscape.

Red and Purple Team Testing as an Option

Clients can opt to upgrade their EPT package to gain insight into their organization’s ability to defend itself with Red and Purple Team testing. Too often, an organization's first mistake is not testing its people, policies, procedures, and systems in a real-world scenario.

This is where Red and Purple team testing comes into play.

A Red Team engagement is a laser-focused cybersecurity engagement designed to make an organization's nightmare come to life in a simulated attack. Rather than focusing solely on the technical controls, Red Teams aim to find flaws in people, processes, and technology. The business will provide a set of goals to the Red Team and the entire operation is built around accomplishing those goals without being detected.

A Purple Team exercise is essentially a controlled scrimmage during which a Trustwave team manipulates the situation to place the defenders in the worst position possible. By having someone from the client help direct the attack, we can give the client a taste of what is to come during the Red Team exercise or in a real-life attack.

At Trustwave, we use a Purple Team as a teaching opportunity more than an adversarial engagement. For example, we often have the client pick a particular tactic from the MITRE Attack Framework, begin a controlled attack, and walk them through what we are doing and how they should respond.

CREST Certification

Finally, all of these services are conducted under the umbrella of several CREST certifications. Trustwave is accredited by the internationally-recognized professional certification board CREST in several key areas tied to its EPT offering. Trustwave is uniquely positioned with multiple CREST accreditations across Vulnerability Assessment (VA), Intelligence-Led Penetration Testing (STAR), Penetration Testing (PEN TEST), and STAR-FS Intelligence-Led Penetration Testing.

Trustwave’s global CREST membership proves to clients we are invested in training and ensuring that our staff are keeping up-to-date with the very latest tools, tactics and procedures.



Latest Trustwave Blogs

The Two Sides of ChatGPT: Helping MDR Detect Blind Spots While Bolstering the Phishing Threat

ChatGPT is proving to be something of a double-edged sword when it comes to cybersecurity.

Read More

Trustwave MailMarshal Email Security Protects Against WinRAR Vulnerability CVE-2023-38831

The importance of email security cannot be understated. Proof of this can be seen in some recent research conducted by the Trustwave SpiderLabs team around our email security product MailMarshal.

Read More

Bah, Humbug! Grinchbots and Freebie Bots Attempt to Ruin Holiday Shopping for Consumers and Retailers

If the holiday classic “How the Grinch Stole Christmas” was remade in 2023, the mean green guy might be played by an Internet bot.

Read More