Trustwave has announced enhanced co-managed security operations centre (SOC) capabilities. These are designed to maximise the threat detection and response value of security information and event management (SIEM) deployments, avoid unnecessary costs and reduce alert noise by up to 90%.
The enhanced Trustwave co-managed SOC offering now includes access to Trustwave's one-of-a-kind cybersecurity collaboration platform, Security Colony, which provides instant access to actionable, best-practice knowledge and years of consulting output from hundreds of companies. These include vendor risk insight, daily breach monitoring, ransomware readiness, and other valuable resources with actionable insights that track progress over time.
The offer is also supported by a dedicated Cyber Success Team with decades of SIEM, SOAR, and SOC experience and extensive certifications.
Under this, named experts for the life of the service term, conduct ongoing use case tuning and optimisation, review changes to client architecture, recommend updates to security policy, provide custom reporting and external threat monitoring, and frequently review the state of operations.
Trustwave’s offering is a holistic partnership in which Trustwave serves as an extension of its clients’ security operations teams.
“Our enterprise-proven processes, global scale, and unique SpiderLabs threat intelligence enable our clients to align their SIEM deployments to business and security outcomes,” says Tom Powledge, Chief Products Officer, Trustwave.
“Our decades of experience are combined with an end-to-end consultative approach and deep cybersecurity expertise, to provide clients with a tailored service that improves cyber resilience while avoiding runaway costs. Moreover, the improvements we make for clients are theirs to keep, we don't hold their SIEM hostage."
While SIEM is a core technology for many security operations teams, it is complex. It requires ongoing maintenance and optimisation by highly skilled security engineers to help security analysts operationalise the outputs and avoid a flood of noisy, false positive alerts.
“Security teams have a wide range of complex responsibilities and benefits. Outsourcing certain elements of security delivery helps ease the workload of the security teams and provides resources so the team can focus on operational requirements,” noted Gartner in its 2022 Market Guide for Managed SIEM Services.
Trustwave co-managed SOC clients benefit from the company's global experience across hundreds of clients, resulting in an extensive use case catalogue that is highly personalised and constantly tuned and optimised for optimal threat detection.
Co-managed SOC clients receive 24x7 global threat monitoring to help detect and investigate threats with SpiderLabs threat intelligence.
Clients receive confirmed, actionable incident alerts that require an immediate response or direct action, resulting in up to 90% reduction in alert fatigue by security staff and increased efficiency of the security operations team.
As a core differentiator, Trustwave also doesn’t force clients to work inside its tools and allows clients to retain the valuable SIEM use cases if they move to another provider.
Hence, Trustwave's co-managed SOC benefits include maximising investment value through end-to-end expertise, extending security teams with tenured SIEM and SOC experts, and stopping active threats with 24x7 real-time SpiderLabs global threat monitoring.
It also optimises and tune SIEM use cases constantly for higher fidelity threat detection, avoids alert fatigue and improves the productivity of the security operations team. In addition, it gives instant access to cybersecurity tools and insights with Security Colony.
Finally, the client retains ownership of all SIEM improvements and use cases, while Trustwave provides very mature security operations leveraging enterprise-proven methodologies and processes.