Trustwave enters incident management business

The incident management service is designed to offer training, documentation development, and simulated attack exercises to help customers prepare for security incidents. SpiderLabs, the incident response and forensics team at Trustwave responsible for managing the incident management service, will also provide on-call services to help clients cope with security incidents as they occur.

Customers will have an initial interview with SpiderLabs, after which the organization will develop a security incident response plan outlining critical processes and how they will unfold. Trustwave will also help clients form a computer incident response team that will take care of incidents in the initial stages. A crucial aspect of the service will be educating the CIRT professionals so that they can preserve the confidentiality and integrity of the compromised systems when dealing with the security event.

Using its penetration testing expertise, SpiderLabs will mount a simulated attack against an organization to test its defenses, and will produce a report analyzing both the vulnerabilities (as happens in a conventional penetration test) and the response, to highlight any gaps.

Incident response services such as this are becoming common. Atlanta-based SecureWorks launched its Retained Computer Incident Response Service in June 2008. Foundstone, the professional services arm of McAfee, also has an emergency incident response service that includes the immediate dispatch of security consultants to the customer's site, along with a written assessment of a custom security breach, and a recommended investigation strategy.

What’s hot on Infosecurity Magazine?