• slide
  • slide
  • slide
  • slide
  • slide


Carahsoft is pleased to offer Trustwave Government Solutions which will enable our government customers to take a holistic approach to security risk management with our long history of supporting the government. By partnering with Trustwave you will also be empowered to assess, monitor and protect your most critical database assets in real time while simplifying audits, monitoring risk, and automating compliance requirements.

  • Database Security: DbProtect & AppDetectivePRO

    Databases contain sensitive and proprietary information, making them a prized target for cybercriminals who are constantly looking for ways to access valuable data for large financial payoffs. Trustwave DbProtect helps your business overcome resource limitations to uncover database configuration errors, access control issues, missing patches, and other weaknesses that could lead to data leakage, misuse and other serious repercussions.

  • DbProtect

    DbProtect is a centrally managed and highly scalable solution for comprehensive database security process control. Based upon proven technology, DbProtect is a comprehensive solution built on a platform that integrates database asset management, vulnerability management, rights management, policy management and database activity and monitoring as well as reporting and analytics. DbProtect enables agencies with complex, heterogeneous environments to optimize database security, manage risk and bolster regulatory compliance.

    • Discover and Manage – identify and manage your database assets
    • Audit & Vulnerability Management- analyze your data to highlight risks and vulnerabilities
    • User Rights Review & Rights Management – guard against unauthorized database access
    • Database Activity Monitoring – gain real time, agentless monitoring and alerting on database activity
    • Report and Remediate – document and share your findings

  • AppDetectivePRO

    A laptop - based discovery and vulnerability assessment scanner, AppDetectivePro discovers databases within your infrastructure and assesses their security strength. Backed by a proven security methodology and extensive knowledge of application-level vulnerabilities, AppDetectivePro locates, examines, reports and fixes security holes and misconfigurations and also identifies user rights and privilege levels. As a result, government agencies can proactively harden their database applications.

    • Discovery - scan and identify all databases on your network
    • Vulnerability Assessment - policy scans help you identify vulnerabilities and misconfigurations
    • User Rights Review - scan and identify inappropriate user privileges
    • Report - document and share asset, policy and user rights results
    • Always up to date - New CIS/DISA STIG with monthly or ad hoc updates
  • Secure Email Gateway (SEG)

    Complete email security requires visibility of all blended attack vectors coupled with granular policy and content controls – Trustwave Secure Email Gateway for Governments delivers all that and more.

    Backed by our elite security research team, SpiderLabs, Trustwave Secure Email Gateway provides unmatched protection against advanced threats and comprehensive data protection controls to keep confidential information from leaving your institution and falling into the wrong hands.

    • Flexible deployment options: on-premise software or cloud
    • Protection against blended threats that use multiple vulnerabilities and methods to spread
    • Multi-layered anti-spam approach that maximizes effectiveness and minimizes false positives
    • Granular and flexible policy engine to meet all your needs
    • Optional Trustwave Secure Email Encryption capability
    • Powerful DLP protection to help achieve regulatory compliance and protect your intellectual property
  • Secure Web Gateway (SWG)

    Trustwave SWG for Governments blocks new malware in real time with several advanced engines. To block dynamic new obfuscated or encrypted drive-by downloads, Trustwave SWG decrypts, unpacks and assembles web pages and exposes their malicious behavior. Trustwave leads the industry in this advanced capability.

    Trustwave is also the only SWG maker who provides managed security service experts to augment your team and optimize your protection. Why else do customers choose Trustwave Secure Web Gateway?

    • Built-in intelligence from the SpiderLabs security research team at Trustwave
    • Single solution for security, policy control and reporting
    • Multi-tenant cloud platform, virtual appliances or hardware appliance options
    • Behavior analysis engine that can capture and report on files related to blocked unknown malware. SWG forensics make the files available for investigation and processing via security tools at your convenience.
    • Web acceptable use policy enforcement, monitoring and reporting.
    • Integration with Trustwave technology, including Trustwave SIEM, Secure Email Gateway, Data Loss Prevention, Web Application Firewall and Network Access Control solutions
    • Performance and scalability: 64-bit architecture and support for up to 150 scanners per system, or a virtually unlimited cloud platform
    • Low total cost-of-ownership
    • Accessible to organizations of all sizes and skill levels
    • Appliance and Cloud available as a managed security service with unique Zero-Malware Guarantee
  • SpiderLabs featuring Pen Testers, Threat Hunters and Incident Response

    Trustwave's Elite Security Team

    Our security breach investigations, malware reverse engineering projects, millions of scans, thousands of penetration tests, leadership of open-source security projects and contributions to the security community have established Trustwave SpiderLabs as world-renowned experts on the past, present and future of security.

    The SpiderLabs team at Trustwave includes security and penetration testers, incident responders, forensic investigators, malware reversers, security researchers, published authors and sought-after speakers.

    What Is Trustwave SpiderLabs Known for?

    • Delivering expert security and penetration testing services
    • Incident readiness and data-breach forensic investigations
    • Threat intelligence that fuels industry-leading managed security services and technologies
    • Innovative security research and major threat disoveries
  • Compliance Services (HIPPA)


    Any U.S. Organization maintaing or transmitting electronic proteted health information, commonly known as ePHI, must comply with the Health Insurance Portability and Accountability Act (HIPAA)

    Trustwave HIPAA services include:

    • HIPAA Compliance Pre-Assessment service for a high-level evaluation of the security, privacy and incident readiness posture of an organization as compared to the HIPAA Omnibus standards.
    • HIPAA Compliance Risk Assessment service to help organizations identify the risks associated with handling protected health information (PHI), electronic and otherwise.
    • HIPAA Compliance Gap Assessment service to identify all policy gaps, how they relate to critical HIPAA regulatory issues, and specific actionable recommendations to close those gaps.

  • Managed Security Services (MSS)

    Whether you're challenged with meeting IT budget demands, fighting new threat adversaries, or are just looking for more efficiency around your compliance and security initiatives, we understand that all organizations are different, and that's why our Managed Security Services are designed for that kind of flexibility.

    We work with many Governments around the world to solve their security and compliance challenges, enhance resources and support, and drive their organization forward. Our Security Solutions portfolio is powered by:

  • Digital Forensics & Incident Response

    Quickly determine the source, cause and extent of a security breach with Trustwave. Or work proactivvely with the Trustwave SpiderLabs team to better understand your cyberthreat preparedness.

  • Managed Detection Response

    By delivering via the cloud, Trustwave Endpoint Protection Suite reduces deployment time and upfront costs for distributed endpoint security across your laptops, tablets, mobile or fixed POS systems and other devices. By integrating core endpoint protection functions, Trustwave also simplifies management and lowers operational costs. This enables greater adoption and optimal defense-in-depth against a wide range of threats.

    Trustwave has also recently added the Trustwave Secure Mobility platform which includes support for both Android and iOS devices with a rapidly accelerating feature list. See the feature chart in the How it Works section for an expanded view of the Endpoint Protection Suite feature list.

    Trustwave Endpoint Protection Suite Delivers:

    All-in-One Protection
    Integrated policy enforcement, compliance management, anti-virus and malware deliver complete defense-in-depth coverage for your users, network and data. Add-on modules for file integrity monitoring and Windows log collection to further enhance security.

    Simplified Security
    Cloud-based delivery eliminates hardware setup and reduces management overhead for faster, easier and more efficient distributed endpoint protection.

    Lower Operational Costs

    Make your security budget go further by avoiding expenses for on-site equipment and minimizing ongoing management labor.

For more information on these solutions, please contact us.

End User License Agreement

Click here to download Trustwave's End User License Agreement.


Continuous Diagnostics and Mitigation (CDM) Defend Comprehensive Database Security Strategy

Utilizing an Integrated Database Security Platform

  • Assets Management
    • CSM - Configuration Settings Management
    • VUL - Vulnerability Management

    Trustwave DBSS

    • App DetectivePro
    • DbProtect Vulnerability Management
  • Identity and Access Management
    • TRUST - Access Control Management (People Granted Access)
    • BEHAVE - Security-Related Behavior Management
    • PRIV - Privileges

    Trustwave DBSS

    • AppDetectivePro
    • DbProtect Rights Management
  • Data Protection Management
    • DATA_DISCOV - Provide consistent identification of "data assets" across the organization for processing, storing, and all transmitting information at all sensitivity levels
      • Automated Data Discovery; Data Classification; Tagging
    • DATA_PROT - Provide ability to protect the date itself through cryptographic methods and access control/monitoring
      • Encryption (multi-level); Data Masking; Data Policy Management; User Access Logging/Monitoring
    • DATA_DLP - Data Loss Prevention - Content, context and metadata monitoring, protection and inspection
    • DATA_SPIL - Data Breach/Spillage Mitigation - Protecting/remediating instances of unauthorized loss of data
    • DATA_IRM - Identification and granular encryption/protection of high value/sensitive data

    Trustwave DBSS

    • AppDetectivePro
    • DbProtect

Deal Registration

Click here to view Trustwave's Government Solutions Deal Registration Site.


Cybersecurity Maturity Model Certification (CMMC): What You Need to Know to Secure Your Supply Chain & How Managed Detection & Response Helps

Cybersecurity Maturity Model Certification: Effective Approaches to Achieve a Secure Supply Chain

CMMC 1.0 Is Out, Now What? The Five Critical Steps Everyone Must Follow

The Department of Defense (DoD) has officially published version 1.0 of its Cybersecurity Maturity Model Certification (CMMC) approach. DoD contractors are now trying to figure out what comes next. 

The CMMC: Answers About What to Expect and What it Means to You

As we kick off the New Year, Defense Industrial Base (DIB) and its 300,000 members are legally required to bolster their defenses and align IT security with the Cybersecurity Maturity Model Certification (CMMC) in 2020.

The Cybersecurity Maturity Model Certification: 5 Important Things to Know and Prepare For

The Department of Defense (DoD) is not immune to cybersecurity incidents. Given the expansive list of third-party contractors and subcontractors, it conducts business with, this should come as no surprise.


GSA Schedule Contracts

GSA Schedule 70

GSA Schedule 70 GSA Schedule No. GS-35F-0119Y Term: December 20, 2011- December 19, 2021

SEWP Contracts


Contract Number: Group A Small: NNG15SC03B Group D Other Than Small: NNG15SC27B Term: May 1, 2015 - May 1, 2025

Federal Contracts


ITES-SW Contract # W52P1J-15-D-0008 Term: March 2015 - October 2020

State & Local Contracts

City of Seattle Contract

Contract #0000003265 Term: December 19, 2021


Contract # CMAS 3-12-70-2247E Term: through March 31, 2022

Fairfax County IT Hardware, Software, & Services

Virginia- Fairfax County CONTRACT EXPIRATION: October 4, 2020 (with 5 option years)

Orange County National IPA Co-Op

Through May 31, 2020 (with 2 option years)

Texas DIR-TSO-4288

Texas DIR Contract: DIR-TSO-4288 Contract Period: Through February 21, 2021 (with 2 option years)


Contract Number: UVA1482501 Term: May 2, 2014– December 19, 2021



Latest News

Winners of the Trust Award were chosen by a distinguished group of leading IT security professionals from SC Media's readership and selected by SC Media’s editorial team.
The SC Awards Europe and SC Awards U.S. are recognized throughout the security industry as the gold standard of excellence in cybersecurity.
In this report, Gartner evaluated MSSPs on several criteria to assess their completeness of vision and ability to execute. The ability to execute criteria included product or service, overall ...
Gain powerful perspectives on nefarious motives, preferred social engineering techniques, new malware variants and reasons wide-net campaigns from years past are being shelved in favor of targeted ...
Trustwave Government Solutions is debuting its new Threat Hunting service for forward-leaning government agencies that are tired of having their cyber clocks cleaned.
Trustwave, a Chicago-based cybersecurity company that has specialized in cyberattack response, has launched Threat Hunting for Government, a service designed to proactively and continuously search ...
As the Defense Department beefs up its cyber threat hunting capabilities, it's taken a slower approach toward modernizing GPS.
Being able to deploy security solutions in a fast and efficient manner is not only convenient, but also vital in helping protect organizations from ever-evolving security threats. If the necessary ...
Trustwave won top honors for Best Managed Security Service in the Trust Awards category at the SC Awards 2017. Winners are recognized for outstanding leadership and providing superior security ...
Trustwave today announced that Gartner, Inc., a leading information technology research and advisory company, has positioned Trustwave in the "Challengers" quadrant in the most recent "Gartner Magic ...
Trustwave today announced that its database security products received their Certificate of Networthiness (CoN) from the U.S. Army, approving their use in the Army Enterprise Infrastructure (AEI).
After the city and county of Denver experienced a distributed denial-of-service attack earlier this year, the municipality’s IT security leader called a meeting with the broader organization to ...


In Capable Hands

While every organization has unique security struggles, virtually every one of them must confront the same security challenges, from preventing malware to identifying vulnerabilities to responding to threats, plus adhering to compliance requirements. No business is immune from attack. Trustwave Capabilities offer a robust set of solutions designed to help resolve your impediments, whether they are based on topic, industry or mandate.


DbProtect is a data security platform that uncovers database configuration mistakes, identification and access control issues, missing patches, or any toxic combination of settings that could lead to escalation of privileges attacks, data leakage, denial-of-service (DoS), or unauthorized modificatio...

Each scan engine is typically installed on a host with 8-16 GB RAM, 2-4 Precessor Cores 2.0 GHz+, 50 GB free disk space running Windows Serve 2003 or Windows Server 2008 or Window Server 2008 R2 or Windows Server 2012 64-bit Standard Editions or higher. in order to run authenticated vulnerability or...

In 2012, the Office of Management and Budget identified continuous monitoring of federal IT networks as one of 14 CrossAgency Priority (CAP) goals, established in accordance with the Government Performance and Results Modernization Act. To support federal departments and agencies in meeting t...


If cybercrime is a business, you can consider this report your guide to its business plan. Use it to learn more about what the criminals are doing now, what they may do in the future, and the steps you can take to keep them away.

Welcome to the 2020 Trustwave Global Security Report, our annual review of the phenomena, trends and statistics affecting computer security and worldwide safety, as observed by Trustwave systems and security analysts throughout 2019.

To learn more about how agencies can protect their critical assets, GovLoop teamed with Trustwave, a cybersecurity and managed security services provider specializing in threat detection and response that helps organizations fight cybercrime, protect data and reduce security risk. This report covers...


The Trustwave Web Application Firewall (WAF) provides the ability to identify vulnerabilities in web codes and applications in addition to the ability to virtually patch these vulnerabilities. Trustwave WAF also delivers the ability to monitor policy configurations of web servers, track, and control...

Relational databases and big data stores are a prime target for attackers due to the amount of sensitive information residing within, such as customer information, intellectual property and proprietary secrets. For more than 15 years, the database security experts at Trustwave have helped organizati...

Relational databases and big data stores are a prime target for attackers due to the amount of sensitive and classified data residing within. Yet many government organizations fall victim to database intrusions because of common database flaws. To address their ever-expanding network perimeters that...

Relational databases and big data stores are a prime target for attackers due to the amount of sensitive information residing within, such as customer information, intellectual property and proprietary secrets. Yet many businesses fall victim to database intrusions because of common database flaws...