Trustwave’s new Rapid Action Program (RAP) security solution is designed to help clients quickly answer the question: “do we have any obvious security weaknesses that must be addressed quickly?” In the current environment of ubiquitous attacks and breaches, every company wants comfort that they at least have the basics covered.

The Rapid Action Program is a fast and lightweight solution that includes features that allow Trustwave consultants to dive in and find if - and where - clients have common weaknesses. The program is conducted remotely, eliminating travel time, and costs and can be accomplished at the client’s convenience.

Why is this necessary? Because too many organizations go about their daily business comfortably believing that their systems and facilities are safe, when in fact, there is a strong possibility that the opposite may be true. This misjudgment is due to the inherent complexity of their systems and the ever-increasing technical capabilities developed by threat actors.

This is where Trustwave RAP comes into play. The solution includes a technical assessment by Trustwave’s elite team of SpiderLabs’ researchers, analysts, and penetration testers, and advisory services from Trustwave’s experienced consultants. We can help an organization understand the threats and vulnerabilities it faces. And most importantly, we can help prioritize the responses needed and can even get on with closing some of the gaps ourselves.

What is Trustwave RAP?

Trustwave has designed the Rapid Action Program to quickly move in and analyze an organization from a security perspective. When a client signs on with RAP, a series of six product features take effect:

• Pre-Attack Vulnerability Assessment – an open-source intelligence-based exercise to identify how you would likely be attacked
• Access to Security Colony Core – a 12-month subscription
• Facilitated Security Colony Maturity Assessment
• Tabletop Exercise – to test out your Incident Response process in a simulated breach scenario
• A straight-forward roadmap to prioritize responses
• 80 additional consulting hours that can be used to address issues identified in the assessment phase

The Rapid Action Program Process: What to Expect

The Pre-Attack Vulnerability Assessment is accomplished via reconnaissance activities including both Open-Source Intelligence (OSINT) and Vulnerability Assessment that may precede a cyber-attack or breach. The Trustwave team will use a variety of tools and techniques to identify weaknesses and to see if threat actors have already attacked and breached an organization’s defenses.

A Trustwave consultant will work with our client to complete the Security Colony Maturity Assessment, based on the NIST Cyber Security Framework to rapidly assess people, process and technology gaps.

During this stage, Trustwave will seek to discover and then help an organization understand any security gaps that might exist in its systems and processes.

Next, Trustwave will conduct a tabletop exercise with the client security team, playing out a worst-case scenario to help train them on how to react properly when a cyber disaster strikes and to identify potential process gaps.

All these elements – the Pre-Attack Vulnerability Assessment, the Security Colony Maturity Assessment, and the Tabletop Exercise – are then knitted together into a pragmatic roadmap and action plan to provide a clear way forward for the security program.

With this roadmap in place, a client can then decide how to use the additional 80 hours of consulting from Trustwave to get the best risk reduction impact.

Trustwave provides an ongoing 12-month subscription to Security Colony, Trustwave’s powerful online self-service resource for CISOs and security teams that includes Breach Monitoring (for email breaches) and Vendor Risk Assessment (for monitoring a client’s third-party interactions). In addition, subscribers have access to self-assessment, training videos, public and private forums, and hundreds of security reports based on previous real-life client engagements.

The final feature is our ‘Ask a Consultant’ feature in Security Colony, where the client can ask Trustwave consultants over the course of the full 12-month subscription for further advice and guidance.

Rapid Action Program Takeaways

Once undergoing the RAP process, an organization will quickly learn what to do to improve their security posture, spend less time on ‘auditing’ and more time on fixing real issues, and will find out whether the plan currently in place is effective before disaster strikes.

RAP is not a one and done deal. The solution contains ongoing support to improve security over 12 months via Security Colony and ‘Ask a consultant,’ and an additional 80 hours of consulting services to address issues identified in the assessment phase.

So don’t reinvent the wheel.

The Trustwave Rapid Action Program (RAP) is a lightweight assessment that searches out your unknown vulnerabilities. We know that a lot of your exposure is out of your control, but with over 25 years of experience, we address those types of issues every day. With RAP, our dedicated service team will ensure that your ‘virtual’ doors and windows are locked to prevent your vulnerabilities from being exposed.