IT Brief Australia - Technology news for CIOs & IT decision-makers
Story image
New Trustwave solution designed to uncover complex vulnerabilities
Wed, 2nd Nov 2022
FYI, this story is more than a year old

Trustwave has announced its new Enterprise Pen Testing (EPT) offering, designed to meet the complex testing needs of large organisations with an extensive breadth and depth of vulnerability identification, ability to deliver scaled programs of work, and competitive pricing.

The expert Trustwave SpiderLabs team supports EPT clients with a mix of onshore, nearshore, and offshore pentesters, testing within a CREST-endorsed methodology, providing testing in a flexible and cost-effective manner, according to the company.

The EPT service is augmented with a local technical account manager (TAM) who ensures clients receive the most value from their testing investment.

Nick Ellsmore, SVP of worldwide consulting and professional services, Trustwave, says, "With over two decades of global industry leadership in vulnerability research and findings, we thoroughly understand the threat landscape of known, unknown, and emerging threats."

He says, "Our proven methodologies performed in accordance with industry standards, allow us to find even the most difficult vulnerabilities and provide a world-class testing solution to global enterprises."

While ad-hoc testing can deliver useful point-in-time insights, having a pre-established security testing program provides a more holistic view of enterprise risk over time. Additionally, with a dedicated TAM, clients have an expert guide to review findings, develop remediation plans, and manage continuous validation testing, Trustwave states.

In a statement, the company states that every organisation has a unique mix of regulatory and cybersecurity frameworks as well as a mandate to protect customer and user data.

Recognising clients' needs across multiple industry sectors, Trustwave develops testing programs to meet multiple compliance requirements, such as payment card industry data security standard (PCI DSS), CPS234, and monetary authority of Singapore (MAS) cybersecurity regulations, among others. All results are available within Trustwave Fusion for reporting and audit requirements.

Trustwave's Enterprise Penetration Testing offering is designed to meet the following client needs:

  • Regulatory: Enterprises facing regulatory (e.g. PCI DSS, CPS234, MAS) and financial service compliance need regular impartial third-party testing services. Trustwave delivers large programs of work and optimises the management of testing programs with an expert TAM guide.
  • Affordability and flexibility: Trustwave's global breadth means it can offer 'best-shore' delivery to clients, mixing on, near and offshore delivery models. This enables Trustwave to deliver the highest quality pentesting and value-based pricing for the enterprise.
  • Scale: Given the global nature of EPT clients, Trustwave is a global provider with the necessary scale and availability of testers to complete tests, delivered with the breadth and depth of pentesting skills available.
  • High quality: Trustwave's holistic approach uncovers the potential business impact, in addition to the detailed technical findings. Trustwave helps clients effectively prioritise and apply remediation actions and is one of only a handful of global CREST certified organisations able to do this.