Trustwave Recognized in Gartner® 2022 Market Guide for Managed SIEM Services

Trustwave, a leading provider of Managed Security Services, has been named a Representative Vendor in the Gartner® 2022 Market Guide for Managed SIEM Services.

In the report, Gartner analysts Al Price, John Collins, Andrew Davies, Mitchell Schneider, and Angel Berrios provide an updated definition of Managed SIEM Services, which is also known as a managed SoC or SoC as a service. Additionally, Gartner notes what organizations should look for when comparing the Managed SIEM Services that are currently available.

“Security, information, and event management is challenging to deploy, maintain, and staff. Managed SIEM services aid security and risk management leaders in the operations of their SIEM — allowing organizations to maintain ownership, personally operate the solution, and customize it to their needs,” the Market Guide stated.

Gartner defines a Managed SIEM vendor as one that provides managed security information and event management services, remote management, or monitoring of a client-owned SIEM solution. Services include management, ensuring a security system’s availability and performance, detection, content writing, and tuning (whether this is 24/7 or hybrid), off-hours security monitoring and alerting, and lightweight investigation of security issues.

There is a bright future for Managed SIEM providers and clients. As per Gartner, “Managed SIEM has a compelling adoption rate and increasing customer demand.”  

In addition, Gartner notes, SIEM technologies are becoming more accessible, and more mid-maturity security buyers who have recently adopted a cloud-based IT posture are accelerating adoption of the model to meet their growing security needs.

Note to readers: Gartner has also recognized Trustwave as a Representative Vendor in the analyst firm’s February 2023 Gartner® Market Guide for Managed Detection and Response services.


Gartner Managed SIEM Key Findings

  • “SIEM is widely adopted by organizations with security that is mid-level in terms of maturity. These organizations are looking to own, deploy and utilize their security tool investments instead of utilizing shared service provider tools.”
  • “Security teams have a wide range of complex responsibilities and benefits. Outsourcing certain elements of security delivery helps ease the workload of the security teams and provides resources so the team can focus on operational requirements.” 
  • “Buyers who have invested in SIEM technology use Managed SIEM services to derive more value. They can use Managed SIEM services to get assistance with decisions around strategy, architecture, maintenance, development, or support. This approach leads to better security operations results.”
  • “Managed SIEM providers offer varying service levels and can cater to most buyers’ needs.”


Gartner Recommendations on How to Choose a Managed SIEM Product

The Gartner analysts recommend evaluating as many Managed SIEM models as possible and choosing the one that aligns best with the needs of the organization's security team, such as hours needed, augmenting the in-house team’s skill set, and reducing maintenance overhead.

Another important factor is that an organization must “select providers based on partner programs that your SIEM vendor operates.”


Trustwave’s Co-Managed SoC

Trustwave's Co-Managed SOC service offers clients threat detection services operating in conjunction with the client’s SIEM technology. The service ingests SIEM alerts from the client’s SIEM and processes the data through threat intelligence and threat-focused detectors. The team can then escalate this information by displaying it as a SIEM alert in the Trustwave Fusion platform. In addition, Trustwave analysts will review the threat findings and access the client’s SIEM to investigate, with the aim of gaining more context from collected events and activity trends.

Trustwave can quickly onboard a client through its SIEM Jumpstart program. During this process, Trustwave:

  • Will coordinate all client and Trustwave responsibilities, tasks, and status reports related to delivery of the feature
  • Will guide and assist client in the transition to co-management of the SIEM Technology
  • Will review SIEM use cases applicable to the client’s SIEM to tune the alert volumes relative to the client’s purchased capacity and licensing restrictions associated with the SIEM Technology of which Trustwave is made aware
  • Will provide standard (non-custom) use cases and refine alerting and reporting

Gartner, Market Guide for Managed SIEM Services, Al Price, John Collins, Andrew Davies, Mitchell Schneider, Angel Berrios, 17 August 2022

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
