Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
News Releases

Trustwave Presents at AppSec USA 2010, Launches New 360 Application Security Program

First-of-its-Kind Program to Help Organizations Defend Against Persistent Threats

CHICAGO (September 2, 2010) - Security experts from Trustwave, the leading provider of information security and compliance solutions, will present at AppSec 2010 in San Diego, September 8 and 9. The presentations will be delivered by members of SpiderLabs, the advanced security team at Trustwave responsible for application security, incident response, penetration testing, physical security and security research.

David Bryan will present "Cloud Computing, A Weapon of Mass Destruction?" which will review common attack types and how they can be used to disrupt service. He will also review the steps that lead organizations to choose the cloud computing environment, why these environments are good for most businesses, but why they may not meet your regulatory requirements. He will then review mitigation strategies and response programs that can reduce the operational risks when responding to these events.

During training, Charles Henderson and Matt Tesauro will teach a class that will cover the full range of tools that OWASP provides under free and open licenses. The class will include a DVD of the OWASP Web Testing Environment (WTE), a collection of tools and documentation for testing web applications available both as a Live CD and virtual machines. When the class is complete, students will be familiar with a wide range of tools and techniques to test web applications.

Trustwave also will unveil its 360 Application Security program at AppSec USA 2010. This program is the only vertically-integrated application security offering, combining the critically-acclaimed WebDefend Web Application Firewall (WAF) from Trustwave's acquisition of Breach Security, with the industry-leading security services of Trustwave's SpiderLabs.

A strong application security posture requires good offense and defense; Trustwave's 360 Application Security program combines Secure Code Training, Application Penetration Testing, Code Review and Trustwave WebDefend WAF with Virtual Patching into a holistic security program. The entire solution is delivered by the security experts at SpiderLabs, bridging the gap between expert manual testing and automated protection found within many organizations.

Prior to application development, Trustwave SpiderLabs will deliver Secure Code Training to ensure developers are creating programs based upon industry best practices. During the development and quality assurance cycle, SpiderLabs' manual code review inspects all relevant application source code to pinpoint deficiencies in security controls and identify development errors. Once development is complete, an application penetration test will simulate a coordinated attack, exposing security weaknesses by highlighting vulnerabilities that can lead to compromise of critical data.

The final component to the program is Trustwave WebDefend, an advanced WAF that offers customized, behavior-based security for each protected application. The SpiderLabs expert that conducted the application penetration test and code review will configure and tune the WAF to provide real time application protection. On a regular basis, the SpiderLabs team member will conduct security and application defect log analysis, and apply Virtual Patches to provide immediate protection to any discovered vulnerability. Virtual Patching protects vulnerable applications from attack, without having to wait for the next release cycle.

"It's exciting to see an organization that understands the complexities of application security create such a complete solution," says Corey Moscoe, chief information security officer for SEI. "Combining the knowledge and experience at SpiderLabs with the WebDefend and ModSecurity platforms sets Trustwave apart."

"Testing is critical, but as applications evolve new vulnerabilities emerge," says Robert J. McCullen, chairman and CEO of Trustwave. "WAF protection is ongoing, but IT organizations often lack the man power of application security knowledge to optimize it. The SpiderLabs penetration tester who understands the application's vulnerabilities is the one to tune the WAF for optimal protection."

"Poorly developed applications are a risk to any organization as critical information is accessed through the application layer," says Nicholas J. Percoco, senior vice president of SpiderLabs. "This holistic approach ensures that organizations are putting application security at the forefront to help remediate risks before they become vulnerabilities."

About Trustwave

Trustwave is a leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper® compliance management software and other proprietary security solutions including SIEM , WAF , EV SSL certificates  and secure digital certificates . Trustwave has helped hundreds of thousands of organizations-ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers-manage compliance and secure their network infrastructures, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia. For more information, visit https://www.trustwave.com/en-us/.

Latest News Releases

Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value

Strategic Consolidation Offers Expanded Cybersecurity Suite of Market-Leading MDR, EDR, Offensive Security, DFIR, and Threat Intelligence

Read More

Trustwave Achieves Microsoft FastTrack Ready Partner Status and Microsoft Verified MXDR Solution Provider in the APAC Region

05 November 2024 - Trustwave, a global leader in cybersecurity and managed security services, has achieved Microsoft FastTrack Ready partner status for Microsoft 365 and been named a Microsoft...

Read More

Trustwave's 2024 Retail Report Series Highlights Alarming E-Commerce Threats and Growing Fraud Against Retailers

Chicago – October 29, 2024 – Trustwave, a leading cybersecurity and managed security services provider, today released a series of reports detailing the threats facing the retail sector, marking the...

Read More