Compliance and network security specialist Trustwave is to add subscription-based penetration testing to its managed security services programme for the first time, giving both enterprise and SME partners new abilities around identifying and exposing network and application vulnerabilities lurking within customer networks.
The service will sit within Trustwave’s Managed Security Services portfolio alongside elements such as security information and threat management (SIEM), network access control, unified threat management, web application firewalls, intrusion detection and prevention services, and authentication and encryption.
It will form part of Trustwave’s reseller managed TrustKeeper cloud-portal, with testing carried out by the vendor’s own Spiderlabs ethical hacking team. Customers will be able to schedule, manage and adjust penetration testing on their own terms, based on differing business priorities or security needs.
In this way, Trustwave said it hoped to make penetration testing not only an element of the security solution that could now be sold through the channel, but also an element that would become part of the end-user routine, as opposed to a one-off.
“What customers like about this is that they can return later and see how they have moved on security-wise by comparing previous tests to the latest test,” explained Trustwave UK and Ireland channel account manager, Matthew Salter.
“Penetration testing will now form part of a rounded service that we hope will offer many more opportunities to the channel.”
Brooks Wallace, Trustwave UK sales VP, added, “With other forms of penetration testing one has to either take it or leave it. Here the customer is in control and the channel partner can be freed up to execute around other areas of value add.”
Resellers would also be able to upsell on vulnerabilities identified during penetration testing, Wallace told MicroScope.