Trustwave SpiderLabs Uncovers Unique Cybersecurity Risks in Today's Tech Landscape. Learn More

Trustwave SpiderLabs Uncovers Unique Cybersecurity Risks in Today's Tech Landscape. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Trustwave Launches Value-Driven Enterprise Pen Testing Offering

Trustwave has enhanced its pen testing offering to now include a high-quality, cost-effective offering to larger organizations. This new Enterprise Pen Testing (EPT) offering is designed to meet the complex testing needs of these organizations with an extensive breadth and depth of vulnerability identification, ability to deliver scaled programs of work, at an extremely competitive price point.

The world-class analysts, threat hunters, and researchers at Trustwave SpiderLabs supports EPT clients with a mix of onshore, nearshore, and offshore pen testers, testing within a CREST-certified methodology and providing high-quality testing in a flexible and cost-effective manner. Furthermore, the EPT service is augmented with a local Technical Account Manager (TAM) who ensures clients receive the most value from their testing investment.

“With over two decades of global industry leadership in vulnerability research and findings, we thoroughly understand the threat landscape of known, unknown, and emerging threats,” said Nick Ellsmore, SVP of Worldwide Consulting and Professional Services at Trustwave. “Our proven methodologies, performed in accordance with industry standards, allow us to find even the most difficult vulnerabilities and provide a world-class testing solution to global enterprises.”

Trustwave has developed targeted and comprehensive testing programs to achieve client’s testing objectives on an ad hoc basis or as part of a long-term testing program. While ad-hoc testing can deliver valuable point-in-time insights, having a pre-established security testing program provides a more holistic view of enterprise risk over time. Additionally, with a dedicated TAM, clients have an expert guide to review findings, develop remediation plans, and manage continuous validation testing.

All EPT encounters deliver a report containing actionable roadmaps for remediation to address gaps, implement patches, and mature your organization’s security.

Meeting Compliance and Regulatory Requirements

Trustwave understands that every organization has a unique mix of regulatory and cybersecurity frameworks as well as a mandate to protect customer and user data.

With clients in multiple industry sectors and located worldwide, Trustwave develops testing programs to meet multiple compliance requirements, such as PCI DSS, CPS234, and MAS cybersecurity regulations.

Trustwave Enterprise Penetration Testing

Trustwave’s EPT offering is a multifaceted approach that not only checks systems for vulnerabilities but can help train security and IT staff to properly defend their organization.

Trustwave offers Vulnerability Management Services to examine a client’s environment to identify gaps within a security program and technology stack. There is no license cost for this service, a fixed price model is available based on weekly, monthly, or quarterly scanning., Scheduling is flexible and designed to meet the client’s needs, and all of this is conducted remotely saving additional costs.

The results of all testing are presented in Trustwave Fusion, a cloud-based cybersecurity platform that serves as the foundation for most Trustwave offerings. The Trustwave Fusion platform is purpose built to meet the enterprise where they are today in their operations and in the future as they embrace digital transformation and contend with a continuously evolving security landscape.

Red and Purple Team Testing as an Option

Clients can opt to upgrade their EPT package to gain insight into their organization’s ability to defend itself with Red and Purple Team testing. Too often, an organization's first mistake is not testing its people, policies, procedures, and systems in a real-world scenario.

This is where Red and Purple team testing comes into play.

A Red Team engagement is a laser-focused cybersecurity engagement designed to make an organization's nightmare come to life in a simulated attack. Rather than focusing solely on the technical controls, Red Teams aim to find flaws in people, processes, and technology. The business will provide a set of goals to the Red Team and the entire operation is built around accomplishing those goals without being detected.

A Purple Team exercise is essentially a controlled scrimmage during which a Trustwave team manipulates the situation to place the defenders in the worst position possible. By having someone from the client help direct the attack, we can give the client a taste of what is to come during the Red Team exercise or in a real-life attack.

At Trustwave, we use a Purple Team as a teaching opportunity more than an adversarial engagement. For example, we often have the client pick a particular tactic from the MITRE Attack Framework, begin a controlled attack, and walk them through what we are doing and how they should respond.

CREST Certification

Finally, all of these services are conducted under the umbrella of several CREST certifications. Trustwave is accredited by the internationally-recognized professional certification board CREST in several key areas tied to its EPT offering. Trustwave is uniquely positioned with multiple CREST accreditations across Vulnerability Assessment (VA), Intelligence-Led Penetration Testing (STAR), Penetration Testing (PEN TEST), and STAR-FS Intelligence-Led Penetration Testing.

Trustwave’s global CREST membership proves to clients we are invested in training and ensuring that our staff are keeping up-to-date with the very latest tools, tactics and procedures.

19167_pen-testing

 

Latest Trustwave Blogs

Trustwave MailMarshal Unveils Major Upgrades to Combat New Email Security Threats

Trustwave MailMarshal will receive a massive upgrade on March 28 that will add four new levels of functionality, including an improved dashboard interface, the ability to detect and halt malicious QR...

Read More

Unveiling the Latest Ransomware Threats Targeting the Casino and Entertainment Industry

Anyone who has visited a casino knows these organizations go to a great deal of expense and physical effort to ensure their patrons do not cheat. Still, there is a large group of actors who are...

Read More

Third-Party Risk: How MDR Offers Relief as Security Threats Abound

While third-party products and services are crucial to everyday business operations for almost any company, they also present significant security concerns, as high-profile attacks including...

Read More