MSSP Trustwave Relaunches Advanced Continual Threat Hunting Platform
Trustwave, a Top 250 MSSP and Singtel (Singapore Telecommunications) subsidiary, has relaunched its Advanced Continual Threat Hunting platform to help organizations identify threats that evade many security tools.
Advanced Continual Threat Hunting allows organizations to hunt for threats based on indicators of behavior associated with specific threat actors, Trustwave noted. It is backed by Trustwave SpiderLabs threat hunting teams that study the tactics, techniques and procedures (TTPs) of threat actors from around the world.
How Trustwave Advanced Threat Hunting Works
Advanced Continual Threat Hunting determines if there is a threat actor in an environment and helps organizations identify potential areas of compromise, Trustwave stated.
With Advanced Continual Threat Hunting, Trustwave threat hunters develop thousands of queries across multiple endpoint detection and response (EDR) technologies and map them to the MITRE ATT&CK framework, the company noted. Next, Advanced Continual Threat Hunting leverages these queries to hunt for IOBs of specific threat actors.
As new threats are discovered, Trustwave uses this information to bolster its threat detection and response capabilities, the company said. Trustwave threat hunters also hunt for threats based on the company’s global curated threat intelligence, which provides insights into malicious activity discovered in customer environments across its products and services and externally sourced threat intelligence.
Trustwave Launches Pentesting Service
The Advanced Continual Threat Hunting relaunch comes after Trustwave in October 2022 released its Enterprise Pen Testing (EPT) service. Organizations can use this service for pentesting performed by onshore, nearshore and offshore pentesters, Trustwave said. They also can access testing exercises from SpiderLabs Red and Purple Teams to identify and protect against security vulnerabilities.
Trustwave provides managed detection and response (MDR) and other managed security services globally. It offers the PartnerOne program, which allows MSSPs and other technology providers to integrate its managed security services into their portfolios.