LevelBlue acquires Trustwave to form largest global MSSP
The acquisition of Trustwave from MC2 Security Fund is expected to create the world's largest independent, pure-play managed security services provider. This move closely follows LevelBlue's recent agreement to purchase Aon's cybersecurity consulting business, further consolidating its position in the cyber defence sector.
Expanded capabilities
Trustwave's Fusion Platform and cloud-native MDR service will be integrated into LevelBlue's offering. The merger aims to deliver 24/7 cybersecurity protection across global markets, enhancing visibility and control over security operations for organisations of varying scales.
The combined portfolio is anticipated to create a strategically unified managed defence platform. It will leverage LevelBlue's artificial intelligence-driven threat detection capabilities and Trustwave's SpiderLabs unit for threat research and intelligence. The joint offering targets organisations operating across cloud, hybrid, and on-premises environments.
Trustwave recently achieved full authorised status from the US Federal Risk and Authorization Management Program (FedRAMP) and StateRAMP, which will enable LevelBlue to meet requirements for US federal and state projects, including those with stringent security demands such as the Department of Defense and Cybersecurity Maturity Model Certification (CMMC). "The acquisition of Trustwave represents a pivotal moment for LevelBlue and the cybersecurity industry," said Robert McCullen, Chairman and CEO of LevelBlue. "Trustwave's extensive expertise in managed detection and response services, combined with its unparalleled threat intelligence from SpiderLabs and mission-critical FedRAMP and StateRAMP authorizations, perfectly aligns with our vision to deliver simplified and powerful cybersecurity protection to organisations. This strategic move reflects our commitment to delivering better cybersecurity outcomes to our customers and enhances our global go-to-market capabilities, as well as in the U.S. federal, state, and local government markets."
Eric Harmon, Chief Executive Officer of Trustwave, said, "We're thrilled to partner with LevelBlue to drive our next phase of growth and unlock even greater cyber value for our clients. The threat landscape continues to evolve at an increasingly rapid pace. This announcement reinforces Trustwave's market leadership, and together with LevelBlue, positions us to further strengthen our combined leadership position, bolster our offensive and defensive security portfolio, and drive additional innovation to further safeguard and fortify our clients against disruptive and damaging cyber threats."
Market response
Trustwave, headquartered in Chicago and operating globally, employs over 1,000 security professionals. It is recognised as an industry leader in managed detection and response, managed security services, cybersecurity advisory, penetration testing, database, and email security. Its SpiderLabs team contributes threat research and intelligence, integrated into its product and service suite.
Market analysts noted the significance of the deal, particularly in light of recent consolidations in the managed security sector.
Christina Richmond, Principal Analyst at Richmond Advisory Group, stated, "Two longtime leaders in MSS and MDR coming together signals market maturation and industry consolidation, but also a powerhouse opportunity. Trustwave's SpiderLabs team and Fusion platform integrated with LevelBlue's threat intelligence and machine learning capabilities, backed by the Open Threat Exchange (OTX), will enhance threat detection and response on a cloud-based platform. Add in the recently announced acquisition of Aon's Cybersecurity and Intellectual Property Litigation consulting groups, and the potential for a full-service global cybersecurity and risk management firm is apparent."
Strategic impact
The acquisition fits into LevelBlue's broader approach of merging complementary organisations to build a stronger, more integrated offering for clients, specifically addressing increased demand for comprehensive managed cybersecurity solutions. Bringing together the two companies will position LevelBlue as the largest independent, pure-play MSSP globally.
Chad Sweet, Chairman of Trustwave and Co-Founder of The Chertoff Group / MC2, expressed support for the acquisition. "Joining forces with LevelBlue marks an exciting new chapter for Trustwave and our clients. The combination of LevelBlue's AI threat detection and Trustwave's FedRAMP and StateRAMP authorized Fusion Intelligent Security Operations Platform enables leading-edge cybersecurity protection for enterprises and government clients."
Shawn Hakl, Head of AT&T Business Products, commented on the significance of the certification aspects. "FedRAMP and StateRAMP certified managed detection and response capabilities are an exciting expansion to LevelBlue's managed security services. This business combination positions LevelBlue as a strategic provider of cybersecurity services in AT&T's portfolio, especially to our valued federal customers."
Financial advice for LevelBlue was provided by Santander, with legal counsel from Kirkland & Ellis. Trustwave's advisors included Guggenheim Securities and Pillsbury Winthrop Shaw Pittman. Strategic advice will be provided by The Chertoff Group to help accelerate growth in the managed detection and response market segment. The financial terms of the deal were not disclosed, and the acquisition remains subject to customary closing conditions.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
30-07-2025
- Techday NZ
LevelBlue warns cyber incidents jump as social engineering rises
LevelBlue has released its latest Threat Trends Report, revealing significant changes in cyberattack patterns and a marked increase in incident rates during the first half of 2025. Incident rates rise The report, analysing data from January through May 2025, shows that the percentage of LevelBlue customers experiencing cybersecurity incidents surged from 6% in the second half of 2024 to 17% in 2025. This threefold increase highlights escalating risks to organisations across various sectors. The report attributes this sharp rise in part to evolving tactics employed by cybercriminals. While Business Email Compromise (BEC) continues to be the most frequent method for gaining initial access to systems, there has been notable growth in alternative approaches. Non-BEC incidents increased by 214%, indicating that attackers are diversifying their methods to infiltrate networks. Faster breakout times LevelBlue's findings indicate that once attackers penetrate a network, they are moving laterally inside these environments at unprecedented speeds. The average breakout time (the duration between initial access and lateral movement) has now dropped to under 60 minutes, with certain cases recorded at less than 15 minutes. Social engineering surge The report points to a considerable surge in social engineering attacks, with 39% of initial access incidents linked to these techniques. This trend is particularly evident in the prevalence of fake CAPTCHA-based attacks, such as ClickFix campaigns. These campaigns, designed to trick users into providing credentials or executing malware, saw an increase of 1,450% from the second half of 2024 to the first half of 2025. A striking development in the first half of 2025 is how much more sophisticated threat actors have become at deception. They're moving beyond traditional BEC schemes and using targeted social engineering to manipulate users into opening the door. Once inside, they're deploying remote access trojans and quickly covering their tracks, allowing them to move laterally through networks with alarming speed. This isn't a one-off trend – we fully expect this shift to continue throughout 2026. This detailed assessment comes from Fernando Martinez Sidera, Lead Threat Researcher at LevelBlue, underscoring a consistent and increasing sophistication in attackers' use of deception as part of their strategies. Recommendations for defence In response to these trends, LevelBlue has set out several recommendations for organisations seeking to bolster their cyber defences. These include raising awareness among users about threats posed by fake CAPTCHA attacks and other browser-based vectors, and considering restrictions on PowerShell or command prompt use for non-administrator accounts. The report suggests that firms develop and enforce caller verification protocols, such as multi-factor authentication (MFA), code words or phrases, or the use of identity verification platforms. It also advises mandatory implementation of MFA and digital certificates for VPN access, as well as deployment of jump boxes for remote desktop access from outside organisational networks. Another recommendation is the removal of Quick Assist from all end-user machines unless there is a specific business requirement, alongside following established guidelines to prevent the unauthorised download and execution of remote monitoring and management (RMM) software. The report notes that in help desk-themed attacks, threat actors may leverage other tools if Quick Assist is unavailable. Patch management also features prominently among suggested actions. Organisations are reminded to remain vigilant regarding vulnerabilities and to install updates promptly - especially where proof-of-concept exploits have been publicly released. Working together on cyber threats The LevelBlue Security Operations Centre collaborates closely with LevelBlue Labs researchers to monitor evolving threats and develop effective countermeasures. This teamwork involves sharing intelligence and methodologies as well as joint research projects, with the aim of strengthening defences across client organisations. The LevelBlue Threat Trends Report is intended to provide organisations with clear insight into current cyber threat landscapes and practical steps to reduce exposure to increasing and more sophisticated attacks.
Techday NZ
15-07-2025
- Techday NZ
Trustwave unveils phishing protection service for Microsoft users
Trustwave has announced the launch of Managed Phishing for Microsoft, a service designed to enhance phishing defences for organisations using Microsoft Office 365 and Defender for Office. Phishing continues to be the most reported type of cybercrime globally. Attackers are leveraging increasingly advanced, AI-powered tactics to bypass the default email security measures provided by major platforms. In response, Trustwave has developed a managed cybersecurity solution aimed at delivering continuous protection and user awareness for businesses. The new service works alongside Microsoft's built-in defences, providing additional layers of risk reduction and email security management. Features and integration The Managed Phishing for Microsoft service includes several features intended to reduce exposure to sophisticated phishing campaigns. Among these are end-to-end technology management, multi-layered detection systems, regular simulated phishing exercises, and around-the-clock threat response. Trustwave describes its technology management capabilities as providing complete setup and administration of phishing-related policies and rules. This minimises the management burden for internal IT teams, allowing them to focus on other priorities. The detection aspect utilises AI-driven engines, supported by Trustwave SpiderLabs threat research. According to Trustwave, these capabilities reduce exposure to threats by over 99 per cent. The company also offers regular phishing simulations to strengthen employee vigilance, tailored to each organisation's unique environment. Additionally, the service provides 24/7 analysis, investigation, and response to suspected phishing emails, including those that advance beyond Microsoft's inbuilt protections. Continuous reporting is also supplied, with intelligence on user behaviour and attack trends. Trustwave's cybersecurity specialists offer actionable recommendations to help clients adapt to evolving threats. The service is designed for seamless integration with existing Microsoft environments, with a focus on unlocking further value from Microsoft E5 investments by providing proactive protection and threat intelligence. Industry perspective Phishing attacks are growing both in volume and sophistication, putting tremendous pressure on organisations to protect their users. Our Managed Phishing for Microsoft service empowers organisations to maximise their Microsoft security investments while closing critical gaps with advanced detection, rapid response, and ongoing user education. This comment was made by Jesse Emerson, Senior Vice President of Product Management & Solutions Engineering at Trustwave, on the launch of the new service. Data from law enforcement and cybersecurity firms suggest that phishing remains a persistent challenge for enterprises and public sector entities globally. Attackers are increasingly using automation and personalisation, aiming to deceive end-users and overcome conventional security controls. Threat landscape Trustwave's SpiderLabs threat research team continues to track rapid changes in the tactics employed by phishing operators. Many phishing campaigns now employ AI tools to increase success rates and evade legacy email filters or basic security rules. The company states that its Managed Phishing for Microsoft service is intended to address gaps that exist in native email security product deployments. It seeks to offer a more comprehensive solution through a combination of technology, security expertise, and employee awareness. Regular phishing simulations delivered as part of the service are tailored to an organisation's specific business environment, aiming to create ongoing awareness and a stronger culture of vigilance among employees. Ongoing analysis Organisations that subscribe to the service receive ongoing analysis of user behaviour and the latest attack trends. This, Trustwave says, enables clients to adapt to the changing threat landscape and further reduce their cyber risk exposure. By expanding on the native functionality of Microsoft Office 365 and Defender for Office, the Managed Phishing for Microsoft service is intended to help organisations improve their incident response capabilities and lower the likelihood of successful phishing incidents.
Techday NZ
04-07-2025
- Techday NZ
LevelBlue acquires Trustwave to form largest global MSSP
LevelBlue has entered into an agreement to acquire Trustwave, expanding its capabilities in managed security services and managed detection and response. The acquisition of Trustwave from MC2 Security Fund is expected to create the world's largest independent, pure-play managed security services provider. This move closely follows LevelBlue's recent agreement to purchase Aon's cybersecurity consulting business, further consolidating its position in the cyber defence sector. Expanded capabilities Trustwave's Fusion Platform and cloud-native MDR service will be integrated into LevelBlue's offering. The merger aims to deliver 24/7 cybersecurity protection across global markets, enhancing visibility and control over security operations for organisations of varying scales. The combined portfolio is anticipated to create a strategically unified managed defence platform. It will leverage LevelBlue's artificial intelligence-driven threat detection capabilities and Trustwave's SpiderLabs unit for threat research and intelligence. The joint offering targets organisations operating across cloud, hybrid, and on-premises environments. Trustwave recently achieved full authorised status from the US Federal Risk and Authorization Management Program (FedRAMP) and StateRAMP, which will enable LevelBlue to meet requirements for US federal and state projects, including those with stringent security demands such as the Department of Defense and Cybersecurity Maturity Model Certification (CMMC). "The acquisition of Trustwave represents a pivotal moment for LevelBlue and the cybersecurity industry," said Robert McCullen, Chairman and CEO of LevelBlue. "Trustwave's extensive expertise in managed detection and response services, combined with its unparalleled threat intelligence from SpiderLabs and mission-critical FedRAMP and StateRAMP authorizations, perfectly aligns with our vision to deliver simplified and powerful cybersecurity protection to organisations. This strategic move reflects our commitment to delivering better cybersecurity outcomes to our customers and enhances our global go-to-market capabilities, as well as in the U.S. federal, state, and local government markets." Eric Harmon, Chief Executive Officer of Trustwave, said, "We're thrilled to partner with LevelBlue to drive our next phase of growth and unlock even greater cyber value for our clients. The threat landscape continues to evolve at an increasingly rapid pace. This announcement reinforces Trustwave's market leadership, and together with LevelBlue, positions us to further strengthen our combined leadership position, bolster our offensive and defensive security portfolio, and drive additional innovation to further safeguard and fortify our clients against disruptive and damaging cyber threats." Market response Trustwave, headquartered in Chicago and operating globally, employs over 1,000 security professionals. It is recognised as an industry leader in managed detection and response, managed security services, cybersecurity advisory, penetration testing, database, and email security. Its SpiderLabs team contributes threat research and intelligence, integrated into its product and service suite. Market analysts noted the significance of the deal, particularly in light of recent consolidations in the managed security sector. Christina Richmond, Principal Analyst at Richmond Advisory Group, stated, "Two longtime leaders in MSS and MDR coming together signals market maturation and industry consolidation, but also a powerhouse opportunity. Trustwave's SpiderLabs team and Fusion platform integrated with LevelBlue's threat intelligence and machine learning capabilities, backed by the Open Threat Exchange (OTX), will enhance threat detection and response on a cloud-based platform. Add in the recently announced acquisition of Aon's Cybersecurity and Intellectual Property Litigation consulting groups, and the potential for a full-service global cybersecurity and risk management firm is apparent." Strategic impact The acquisition fits into LevelBlue's broader approach of merging complementary organisations to build a stronger, more integrated offering for clients, specifically addressing increased demand for comprehensive managed cybersecurity solutions. Bringing together the two companies will position LevelBlue as the largest independent, pure-play MSSP globally. Chad Sweet, Chairman of Trustwave and Co-Founder of The Chertoff Group / MC2, expressed support for the acquisition. "Joining forces with LevelBlue marks an exciting new chapter for Trustwave and our clients. The combination of LevelBlue's AI threat detection and Trustwave's FedRAMP and StateRAMP authorized Fusion Intelligent Security Operations Platform enables leading-edge cybersecurity protection for enterprises and government clients." Shawn Hakl, Head of AT&T Business Products, commented on the significance of the certification aspects. "FedRAMP and StateRAMP certified managed detection and response capabilities are an exciting expansion to LevelBlue's managed security services. This business combination positions LevelBlue as a strategic provider of cybersecurity services in AT&T's portfolio, especially to our valued federal customers." Financial advice for LevelBlue was provided by Santander, with legal counsel from Kirkland & Ellis. Trustwave's advisors included Guggenheim Securities and Pillsbury Winthrop Shaw Pittman. Strategic advice will be provided by The Chertoff Group to help accelerate growth in the managed detection and response market segment. The financial terms of the deal were not disclosed, and the acquisition remains subject to customary closing conditions.
