Security information and event management (SIEM) systems are crucial to cyber security, providing a solution for collecting and analyzing alerts from all manner of security tools, network infrastructure, and applications. But simply having a SIEM is not enough because to be truly effective, it must be properly configured, managed, and monitored 24x7.

Security best practice guidelines always call for changing default passwords as any password left on the factory preset is considered low hanging fruit, essentially just waiting to be abused by attackers to gain unauthorized access. Frameworks such as Cyber Essentials, PCI DSS, and UK Gov ITHC enforce this practice as one of their test requirements during an audit. The scenario below shows why it is part of a best practice to change default passwords as it could lead to a more severe issue.

ChatGPT can arguably be called the breakout software introduction of the last 12 months, generating both amazement at its potential and concerns that threat actors will weaponize and use it as an attack platform. Karl Sigler, Senior Security Research Manager, SpiderLabs Threat Intelligence, along with Trustwave SpiderLabs researchers, has been tracking ChatGPT’s development over the last several months.

Karl Sigler, Senior Security Research Manager, SpiderLabs Threat Intelligence, conducted a series of briefings in Washington, D.C., to federal officials on April 12-13, giving an update on what Trustwave SpiderLabs researchers are finding with the Russia-Ukraine War, ChatGPT, and current phishing trends. During his time in Washington, Sigler spoke with the U.S. Senate Armed Services Committee, Department of Homeland Security/TSA, Senate staffers, and other departments.

Endpoint detection and response (EDR) solutions are a crucial element of any cyber defense strategy. In general, EDR solutions help companies detect issues on the myriad number of devices their employees use. Although an EDR’s value is apparent there’s a simple way to draw additional value from an EDR system while strengthening your defense in depth strategy by adding a managed detection and response (MDR) solution.

Trustwave was honored during Cyber Defense Magazine in the 11th Annual Global InfoSec Awards at the 2023 RSA Conference, taking home accolades for Managed Detection and Response (MDR) Service Providers and was named the Market Leader in Penetration Testing.

The industry analyst firm Gartner has named Trustwave as a Representative Vendor in its 2023 Market Guide for Digital Forensics and Incident Response Retainer Services. This distinction comes on the heels of Trustwave being named a Representative Vendor in Gartner’s 2023 Market Guide for Managed Detection and Response (MDR).

Yesterday I wrote about some common Request for Proposal (RFP) pitfalls we have seen over the years at Trustwave. (part 1) Trustwave offers a wide range of services — from Managed Detection & Response (MDR), Managed SIEM services from Splunk, Qradar, and Microsoft Sentinel security testing, to complex red team engagements, so we‘ve seen numerous of styles and approaches in the format and presentation of the requests.

At Trustwave, we see scores of requests for proposal (RFP) in all shapes and sizes, originating from nearly every conceivable industry, seeking solutions to their specific security challenges and desired business outcomes. To help those issuing the RFP and the vendor on the receiving end, I’ve drawn up some simple guidelines to follow that will help your RFP process run smoothly.

Towards the end of 2020, a new vulnerability in MongoDB was found and published. The vulnerability affected almost all versions of MongoDB, up to v4.5.0, but was discussed and patched appropriately. The vulnerability, CVE-2020-7928, abuses a well-known component of MongoDB, known as the Handler, to carry out buffer overflow attacks by way of null-byte injections.