With our database security portfolio, organizations all over the world gain complete visibility into data security and compliance issues without the need for deep expertise in the field. Trustwave database security software solutions help organizations discover, assess and report on vulnerabilities, misconfigurations and improper access controls within relational databases and big data stores.

DbProtect is a centrally managed and highly scalable solution for comprehensive database security process control. Based upon proven technology, DbProtect is a comprehensive solution built on a platform that integrates database asset management, vulnerability management, rights management, policy management and database activity and monitoring as well as reporting and analytics. DbProtect enables agencies with complex, heterogeneous environments to optimize database security, manage risk and bolster regulatory compliance.

• Discover and Manage – identify and manage your database assets
• Audit & Vulnerability Management- analyze your data to highlight risks and vulnerabilities
• User Rights Review & Rights Management – guard against unauthorized database access
• Database Activity Monitoring – gain real time, agentless monitoring and alerting on database activity
• Report and Remediate – document and share your findings

A laptop - based discovery and vulnerability assessment scanner, AppDetectivePro discovers databases within your infrastructure and assesses their security strength. Backed by a proven security methodology and extensive knowledge of application-level vulnerabilities, AppDetectivePro locates, examines, reports and fixes security holes and misconfigurations and also identifies user rights and privilege levels. As a result, government agencies can proactively harden their database applications.

• Discovery - scan and identify all databases on your network
• Vulnerability Assessment - policy scans help you identify vulnerabilities and misconfigurations
• User Rights Review - scan and identify inappropriate user privileges
• Report - document and share asset, policy and user rights results
• Always up to date - New CIS/DISA STIG with monthly or ad hoc updates

Complete email security requires visibility of all blended attack vectors coupled with granular policy and content controls – Trustwave Secure Email Gateway for Governments delivers all that and more.

Backed by our elite security research team, SpiderLabs, Trustwave Secure Email Gateway provides unmatched protection against advanced threats and comprehensive data protection controls to keep confidential information from leaving your institution and falling into the wrong hands.

• Flexible deployment options: on-premise software or cloud
• Protection against blended threats that use multiple vulnerabilities and methods to spread
• Multi-layered anti-spam approach that maximizes effectiveness and minimizes false positives
• Granular and flexible policy engine to meet all your needs
• Optional Trustwave Secure Email Encryption capability
• Powerful DLP protection to help achieve regulatory compliance and protect your intellectual property

Trustwave SWG for Governments blocks new malware in real time with several advanced engines. To block dynamic new obfuscated or encrypted drive-by downloads, Trustwave SWG decrypts, unpacks and assembles web pages and exposes their malicious behavior. Trustwave leads the industry in this advanced capability.

Trustwave is also the only SWG maker who provides managed security service experts to augment your team and optimize your protection. Why else do customers choose Trustwave Secure Web Gateway?

• Built-in intelligence from the SpiderLabs security research team at Trustwave
• Single solution for security, policy control and reporting
• Multi-tenant cloud platform, virtual appliances or hardware appliance options
• Behavior analysis engine that can capture and report on files related to blocked unknown malware. SWG forensics make the files available for investigation and processing via security tools at your convenience.
• Web acceptable use policy enforcement, monitoring and reporting.
• Integration with Trustwave technology, including Trustwave SIEM, Secure Email Gateway, Data Loss Prevention, Web Application Firewall and Network Access Control solutions
• Performance and scalability: 64-bit architecture and support for up to 150 scanners per system, or a virtually unlimited cloud platform
• Low total cost-of-ownership
• Accessible to organizations of all sizes and skill levels
• Appliance and Cloud available as a managed security service with unique Zero-Malware Guarantee

A penetration test or "ethical hack" evaluates an application's or network's ability to withstand attack. During a penetration test, you authorize an expert (or "ethical hacker") armed with the same techniques as today's cybercriminals to hack into your network or application. Such an exercise will open your eyes to vulnerabilities you didn't know existed and the effects of exploitation.

Now more than ever, Government organizations realize the need for pro-active security testing, and budgets are increasing as a result. Still, planning for and procuring security testing presents a number of challenges:

• Anticipating future testing needs
• Conducting testing in a timely manner
• Making testing an efficient, business-as-usual initiative rather than an obstacle
• Getting high quality testing across multiple asset types
• Standardizing repeatable testing/reporting across asset types
• Fulfilling compliance requirements
• Effectively managing multiple tests, and re-testing, over the course of the year

PCI

Trustwave delivers industry-leading assessment services and compliance-enabling technology to government organizations that must comply with the Payment Card Industry (PCI) Data Security Standard (DSS). Trustwave Compliance Validation Service (CVS) can help you proactively manage and streamline your PCI compliance efforts and ensure the process is completed with security in mind.

HIPPA

For government organizations or programs providing healthcare or healthcare plans and their business associates, Trustwave provides knowledge and expert guidance at each milestone on the road to secure protected health information (PHI) according to the rules under the Health Information Portability and Accountability Act (HIPAA).

Trustwave HIPAA services include:

• HIPAA Compliance Pre-Assessment service for a high-level evaluation of the security, privacy and incident readiness posture of an organization as compared to the HIPAA Omnibus standards.
• HIPAA Compliance Risk Assessment service to help organizations identify the risks associated with handling protected health information (PHI), electronic and otherwise.
• HIPAA Compliance Gap Assessment service to identify all policy gaps, how they relate to critical HIPAA regulatory issues, and specific actionable recommendations to close those gaps.

Whether you're challenged with meeting IT budget demands, fighting new threat adversaries, or are just looking for more efficiency around your compliance and security initiatives, we understand that all organizations are different, and that's why our Managed Security Services are designed for that kind of flexibility.

We work with many Governments around the world to solve their security and compliance challenges, enhance resources and support, and drive their organization forward. Our Security Solutions portfolio is powered by:

• Our deep expertise in advanced security technologies
• Threat Intelligence built in to our services
• "Follow the Threat" global Security Operations Centers
• 24x7x365 support and dedicated security analysts
• Our cloud-based TrustKeeper management portal

Having responded to more than 2,000 data security incidents, performed thousands of network penetration tests and carried-out hundreds of application security tests, Trustwave SpiderLabs, and by extension its clients, stays apprised of the latest threats and methods of data compromise.

We've worked cases involving the theft of Payment Card Industry (PCI) data, electronic protected health information (ePHI), personally identifiable information (PII), industry trade secrets, sensitive corporate information, classified data and other types of protected assets.

Organizations large and small select Trustwave SpiderLabs to augment their team through our incident response and readiness expertise. This includes:

• Free consultation to assess your organizations environment,
• risk and needs
• Integrated security technologies through a single source
• 24x7x365 support and dedicated security and compliance analysts
• Access to our cloud-based management portal
• "Follow the Threat" global Security Operations Centers
• $100,000 Breach Protection Program

Part of our SIEM portfolio, Log Management Enterprise (LME) addresses needs for compliance, security audits, and basic security analysis and management.

LME is designed for organizations that need an easy-to-implement log collection and management solution to serve either as a standalone solution, part of a larger SIEM solution or part of a Trustwave Managed Security Services solution. With Trustwave products, no additional storage, licensing, or compliance packages are needed – which means you can accurately predict costs.

Why do customers choose Trustwave Log Management Appliances?

• Audit-ready reporting on compliance objectives.
• Near real-time access to security events and logs.
• Powerful correlation and notifications with more than 70 configurable templates.
• Granular permissions support organizational roles.
• Turnkey appliance requires no other infrastructure.

By delivering via the cloud, Trustwave Endpoint Protection Suite reduces deployment time and upfront costs for distributed endpoint security across your laptops, tablets, mobile or fixed POS systems and other devices. By integrating core endpoint protection functions, Trustwave also simplifies management and lowers operational costs. This enables greater adoption and optimal defense-in-depth against a wide range of threats.

Trustwave has also recently added the Trustwave Secure Mobility platform which includes support for both Android and iOS devices with a rapidly accelerating feature list. See the feature chart in the How it Works section for an expanded view of the Endpoint Protection Suite feature list.

Trustwave Endpoint Protection Suite Delivers:

All-in-One Protection
Integrated policy enforcement, compliance management, anti-virus and malware deliver complete defense-in-depth coverage for your users, network and data. Add-on modules for file integrity monitoring and Windows log collection to further enhance security.

Simplified Security
Cloud-based delivery eliminates hardware setup and reduces management overhead for faster, easier and more efficient distributed endpoint protection.

Lower Operational Costs

Make your security budget go further by avoiding expenses for on-site equipment and minimizing ongoing management labor.

Trustwave App Scanner is a dynamic application security testing (DAST) software solution that allows IT professionals to protect their applications and mitigate the risk resulting from the constantly evolving threat landscape by identifying vulnerabilities in cloud and web applications. Trustwave App Scanner allows you to maximize the efficiency and effectiveness of your distributed of IT, development and security teams that collaborate to manage risk across your applications. App Scanner helps you stay head of the latest threats by enabling you to:

• Quantify and prioritize risk to develop a risk-based approach to remediation
• Reduce risk management complexities with a flexible, modular architecture
• Save time with more thorough and accurate scanning

Trustwave Web Application protects public web applications as well as custom and internal applications from complex attacks. Our solution offers customized, behavior-based security for each protected application and is integrated with our award-winning Trustwave SIEM, which correlates and consolidates attack information from many sources beyond Web applications. Trustwave Web Application Firewall can be implemented as a physical or virtual on premise appliance or as a managed security service, providing virtual patching to protect your vulnerable applications from attack, without having to wait for the next release cycle. Only the Trustwave Web Application Firewall uses a patent-pending profiling system and multiple, collaborative detection engines to ensure the flow of mission-critical traffic while supplying complete protection for applications to keep your confidential information safe from targeted attacks.

• Adaption application profiling system continuously builds a dynamic security model of each protected Web application to ensure only valid traffic is allowed
• ExitControl analysis engine inspects outgoing traffic for data loss, defacement and security information exposure
• Application layer signatures provide actionable information on detected vulnerabilities
• Geo-location blocking provides customization for blocking requests generated by specific countries
• Highly scalable appliance covers flexible site definitions, flexible deployment modes and support for up to 10G NIC cards
• Facilitates compliance with PCI DSS requirement 6.6
• FIPS 140-2 Level 1 compliant
• Anti-virus protection for file uploads
• Provides enhanced virtual patching with user defined rules based on regular expressions syntax
  
  • Powered by ModSecurity to improve user defined rules capabilities
• Custom response page to communicate a response to potential hackers based on the type of attack initiated