Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Trustwave Lets Clients ‘Look Over the Shoulder’ of its Hackers

Chicago based Trustwave, a provider of security and compliance solutions, today released a tool that provides its enterprise clients the ability to manage all forms of penetration tests in real-time, and be presented with live, detailed test results and recommendations. With the results gathered from penetration tests, the generically named PenTest Manager displays rich media demonstrations including image slideshows and screen capture videos displaying how vulnerabilities can be exploited.

Chicago based Trustwave, a provider of security and compliance solutions, today released a tool that provides its enterprise clients the ability to manage all forms of penetration tests in real-time, and be presented with live, detailed test results and recommendations. With the results gathered from penetration tests, the generically named PenTest Manager displays rich media demonstrations including image slideshows and screen capture videos displaying how vulnerabilities can be exploited.

TrustWave PenTest ManagerPenTest Manager provides users with at-a-glance views of projects, test status and findings to manage application, network, physical and wireless penetration tests, performed by Trustwave’s security team, SpiderLabs. Having visual proof of exploitation proves to be valuable in showing executives and security staff the true impact of vulnerabilities. TrustWave claims that no other testing team allows clients to “look over the shoulder” of an ethical hacker in this manner as they expose weaknesses in critical systems.

“Rather than tracking findings in the typical PDF reports and spreadsheets, we give customers one centralized database to manage their vulnerabilities,” said Robert J. McCullen, chairman and CEO of Trustwave. “The way PenTest Manager delivers evidence provides real business value that solves a CISO’s problems while reducing costs with a portal-based management interface, which is what customers really need in their security solutions.”

Penetration Testing, also referred to ethical hacking, helps ensure proper security controls are in place to protect an organization from attack by cyber criminals hoping to steal valuable information and cause business disruption.

To ensure that application vulnerabilities don’t leave gaping holes for intruders, virtual patches for Web Application Firewalls (WAF) are custom-built by SpiderLabs, specific to each exploitable vulnerability. This minimizes the vulnerability of applications as developers fix the underlying software issues.

“The nature of the PenTest Manager encourages collaboration between the CISO and the testers, which can end up leading to more penetration testing requests rather than fewer,” said Wendy Nather, senior analyst, Enterprise Security Practice, The 451 Group. “By consolidating testing details, findings, mitigation and remediation tasks across multiple layers, a product like this can enrich the ongoing conversation between an MSSP and its clients.”

Written By

Click to comment

Expert Insights

Related Content

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Vulnerabilities

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Vulnerabilities

Several vulnerabilities have been patched in OpenText’s enterprise content management (ECM) product.

Vulnerabilities

Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.