Trustwave Recognized in Gartner® 2022 Market Guide for Managed SIEM Services

Trustwave, a leading provider of Managed Security Services, has been named a Representative Vendor in the Gartner® 2022 Market Guide for Managed SIEM Services.

In the report, Gartner analysts Al Price, John Collins, Andrew Davies, Mitchell Schneider, and Angel Berrios provide an updated definition of Managed SIEM Services along with how Managed SIEM, which is also known as a managed SoC or SoC as a service. Additionally, Gartner notes what organizations should look for when comparing the Managed SIEM Services that are currently available.

“Security, information, and event management is challenging to deploy, maintain, and staff. Managed SIEM services aid security and risk management leaders in the operations of their SIEM — allowing organizations to maintain ownership, personally operate the solution, and customize it to their needs,” the Market Guide stated.

Gartner defines a Managed SIEM vendor as one that provides managed security information and event management services, remote management, or monitoring of a client-owned SIEM solution. Services include management, ensuring a security system’s availability and performance, detection, content writing, and tuning (whether this is 24/7 or hybrid), off-hours security monitoring and alerting, and lightweight investigation of security issues.

There is a bright future for Managed SIEM providers and clients. As per Gartner, “Managed SIEM has a compelling adoption rate and increasing customer demand.”  

In addition, Gartner notes, SIEM technologies are becoming more accessible, and more mid-maturity security buyers who have recently adopted a cloud-based IT posture are accelerating adoption of the model to meet their growing security needs.

Note to readers: Gartner has also recognized Trustwave as a Representative Vendor in the analyst firm’s February 2023 Gartner® Market Guide for Managed Detection and Response services.


Gartner Managed SIEM Key Findings

  • “SIEM is widely adopted by organizations with security that is mid-level in terms of maturity. These organizations are looking to own, deploy and utilize their security tool investments instead of utilizing shared service provider tools.”
  • “Security teams have a wide range of complex responsibilities and benefits. Outsourcing certain elements of security delivery helps ease the workload of the security teams and provides resources so the team can focus on operational requirements.” 
  • “Buyers who have invested in SIEM technology use Managed SIEM services to derive more value. They can use Managed SIEM services to get assistance with decisions around strategy, architecture, maintenance, development, or support. This approach leads to better security operations results.”
  • “Managed SIEM providers offer varying service levels and can cater to most buyers’ needs.”


Gartner Recommendations on How to Choose a Managed SIEM Product

The Gartner analysts recommend evaluating as many Managed SIEM models as possible and choosing the one that aligns best with the needs of the organization's security team, such as hours needed, augmenting the in-house team’s skill set, and reducing maintenance overhead.

Another important factor is that an organization must “select providers based on partner programs that your SIEM vendor operates.”


Trustwave’s Co-Managed SOC

Trustwave's Co-Managed SOC service offers client threat detection services operating in conjunction with the client’s SIEM technology. The service ingests SIEM alerts from the client’s SIEM and processes the data through threat intelligence and threat-focused detectors. The team can then escalate this information by displaying it as a SIEM alert in the Trustwave Fusion platform. In addition, Trustwave analysts will review the threat findings and will access the client’s SIEM to investigate, with the aim of gaining more context from collected events and activity trends.

Trustwave can quickly onboard a client through its SIEM Jumpstart program. During this process, Trustwave:

  • Will coordinate all client and Trustwave responsibilities, tasks, and status reports related to delivery of the feature
  • Will guide and assist client in the transition to co-management of the SIEM Technology
  • Will review SIEM use cases applicable to the client’s SIEM to tune the alert volumes relative to the client’s purchased capacity and licensing restrictions associated with the SIEM Technology of which Trustwave is made aware
  • Will provide standard (non-custom) use cases and refine alerting and reporting

Gartner, Market Guide for Managed SIEM Services, Al Price, John Collins, Andrew Davies, Mitchell Schneider, Angel Berrios, 17 August 2022

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
