Deploying security automation is hard if the criteria for success is beyond the scope of ticketing workflow. But the barrier of automation deployment has never been lower with the advent of so many Security Orchestration, Automation, and Response (SOAR) platforms now available to select from in the market and how attractive purchasing automation in a box (or in the cloud) is.

Trustwave’s new MDR offerings garnered recognition from IDC as differentiated due to the inclusion of Security Colony as part of the offering. Security Colony, now bundled in with Trustwave MDR offerings, is a Resource Library of 400+ documents derived directly from real-life consulting engagements with clients. The project deliverables have been anonymized and made available to clients.

In May 2021, President Joe Biden signed the 30 - page Executive Order (EO) on Improving the Nation’s Cybersecurity covering a host of cybersecurity issues. It mandates that Executive branch agencies deploy multifactor authentication, endpoint detection and response, and encryption. It also describes how government agencies should evaluate the software they buy and calls for these agencies to adopt "zero trust" architectures and more secure cloud services.

Modern healthcare is amazing. Hundreds of people, devices, and gigabytes of data are all harmonized to save lives and keep people healthy. Unfortunately, the very pieces that help keep us well provide a perfect hunting ground for threat actors. Threat actors are attracted to the data rich environments in healthcare organizations.

Frost & Sullivan analysts investigated 70 market participants and recognized Trustwave as one of 15 Innovators in the field. The report noted that Trustwave’s Fusion platform allows clients to manage and view their cybersecurity status, and elite SpiderLabs are driving factors behind being honored. “Trustwave Fusion, a security operations platform that integrates and enriches data from over 750 third-party sources, including cloud, network, endpoints, and email.

For the price of a Starbuck’s Caramel Frappuccino Grande and a cheese Danish, about $8, a cybercriminal can obtain all the information needed to max out a person’s stolen credit card and possibly steal their identity. This is just one example dredged from the Dark Web by the elite Trustwave SpiderLabs team while it was conducting research for an exhaustive study into what cybercriminals charge for stolen records.

A few months ago, we reported on an interesting site called the Chameleon Phishing Page. These websites have the capability to change their background and logo depending on the user’s domain. The phishing site is stored in IPFS (InterPlanetary File System) and after reviewing the URLs used by the attacker, we noticed an increasing number of phishing emails containing IPFS URLs as their payload.

The typical life of a consultant working in the field of governance, risk and compliance is often not deeply technical, but we have to be aware of new technology and the risks it poses; this is very true when it comes to Cloud, and with the massive adoption of Cloud as the vast majority of organizations now use cloud services on some level.

Everyone loves buzz words, no? Red team is the newest (well... not that new) coolest thing on the streets of information security city and many cybersecurity pros want to jump right in and become involved in Red team activities at their company. However, there is more to being a Red team member than just signing up.

One of the lesser-known but extremely important roles the Trustwave Fusion portal, known as the Fusion Security Testing Suite (STS) plays is as a conduit for our clients when running a penetration testing program.