The analyst firm Frost & Sullivan has recognized Trustwave with the dual honors of being positioned as the Innovation leader in its 2024 Managed Security Services (MSS) Radar, Americas, and 2024 MSS Radar, Europe, the second time Frost & Sullivan has recognized Trustwave as such in the Americas.

As financial services companies, such as banks, hedge funds, and stock exchanges, move to the cloud, sensitive data often unintentionally moves with them. To help avoid costly breaches and address governance, risk, and compliance (GRC) requirements such as PCI-DSS, GDPR, and SOC 2, these organizations may need to identify where in the cloud sensitive data can leak and be able to redact it at scale.

As we continue our Summer School blog series, let's focus on a vital aspect of modern application security: the relationship between API posture governance, API security, and the constantly changing regulatory compliance landscape. In today's interconnected world, where APIs are crucial for digital interactions, organizations are challenged with securing their APIs while complying with complex regulations designed to protect sensitive data and critical infrastructure.

New analysis of Q2 threats shows a consistent pattern of behavior on the part of threat actors and threat groups, providing organizations with a clear path to protect themselves. It’s every cybersecurity professionals’ worry; whether the security controls they’ve put in place will actually stop attacks.

Think of a cluttered desk, but on a digital scale. Businesses rely on hundreds of cloud-based, third-party Software-as-a-Service (SaaS) applications. Over a quarter (28%) of SME employees require 11 or more tools to manage the worker lifecycle. From the end user perspective, this isn’t a bad thing at all. Why not? SaaS applications are easy to activate, often coming with free editions or low-cost versions that accomplish a specialized task.

The events of Friday the 19th 2024 had a profound impact on organizations around the globe. I suppose a widespread global IT outage has a way of clarifying the mind—and IT leaders are recognizing that resilience is crucial for maintaining operations for their consumers, customers, staff, partners, and shareholders. But much of the post-mortem analysis seems to be misunderstanding key lessons from the outage.

As cyber threats continue to grow more sophisticated, the demand for dynamic, scalable security solutions has led to the increasing adoption of Security Operations Center as a Service (SOC as a Service, or SOCaaS). The SOC as a Service model offers a significantly more cost-effective alternative for organizations without the resources to establish full-scale, in-house security operations centers (SOCs).

Threat actors are increasingly tailoring their attacks to target social media apps and smartphone users, according to a new report from the Anti-Phishing Working Group (APWG). As email security technologies improve, scammers are turning to social media apps, text messages, and voice calls to conduct social engineering attacks.

When building applications that ingest and analyze millions of data points per second, developers as a rule require good observability data on workload performance. That principle certainly holds true for us on the Cloud SIEM team, where delivering a highly reliable and responsive product to our customers is central to our day-to-day operations.

Earlier this month, a group of our intrepid pen testers from our Readiness & Resilience team at CISO Global ventured into the heart of the hacking world at DEFCON 32 in Las Vegas. This annual pilgrimage to the mecca of cybersecurity (and more importantly, hacking) is more than just a conference – it’s a hands-on deep dive into the cutting edge of hacking techniques and defensive strategies.