Home improvement retailers like Home Depot and Lowes are interesting places. Inside a typical store, one can find everyone from a guy looking to replace a leaky pipe, a couple shopping for new appliances, or a large contractor picking up hundreds of pieces of sheetrock for a major project.
Trustwave's Security Colony is the cybersecurity version of a home improvement store.
Security Colony is essentially a self-help site. For example, an organization can come in, and if, say, it is working on improving its incident response capability, we have a ransomware playbook the organization can take and then make it its own. Or is the organization worried about insider risk? If so, we have simulation exercises they can review and implement.
There are also cases where the Security Colony visitor realizes that the task at hand is beyond its capability to implement. In this case, they can ask for help and we will refer them to the right person at Trustwave.
At its core, Security Colony is essentially a massive and diverse repository of cybersecurity content collated into easy-to-navigate categories.
The Security Colony Resource Library contains 17 categories covering almost 400 topics. Trustwave has created all the documentation based on actual work we've conducted for organizations which we then make available to our subscribers. There are then two paths a subscriber can take. The first is to use the information for their edification. The second is to alter the content to create their own action plan knowing that Trustwave used the information stored on Security Colony to help another entity with a similar problem.
The Security Colony team updates the resource library with new content on a weekly basis.
Security Colony's Video Library contains a wealth of information for folks looking for an introductory lesson on a particular topic, say phishing or identifying an insecure WiFi connection. Senior Trustwave consultants present the videos.
Other videos featured tutorials on how to get the most out of a Security Colony subscription with instructions on navigating the site and using the various security tools which subscribers can access.
The Security Colony Maturity Assessment is a self-paced tool that will measure if an organization's security can defeat today's cyber threats. The threat assessment analyzes your industry and the nature and size of your business. It uses NIST Cyber Security Framework to assess your ability to identify, protect, detect, respond and recover appropriately to maintain a suitable level of security.
Areas covered include:
Security Colony maintains two types of forums. A public version for those who hold only a basic subscription service where you can ask Security Colony's cybersecurity consultants for advice and support.
A private forum is also available. It operates in the same manner as the public version but a subscriber can ask questions that may be too sensitive to talk about publicly. The private forum, however, is only available to paying subscribers.
Supply chain attacks are becoming a common occurrence, so it's imperative that an organization understand the risk imposed by their vendors. Security Colony uses a range of free, open-source, and commercial tools to complete over 20 distinct checks against a company's online footprint, packaging this analysis in an easy-to-use interface detailing the identified risks and providing an overall risk score and grade for the assessed organization.
These include:
The Breach Monitor lets you know when and if your domains and related entities have become a topic of conversation on the dark web. The tool allows you to create a set group of searches that will run daily against public and private breach and ransomware sources. If a breach is discovered, Trustwave will issue a notification and point to the public and dark web data sources for occurrences.
Essentially, those who join Security Colony receive millions of dollars' worth of consulting work for around $5,000 a year, depending upon the chosen subscription level. It's almost easier to spend more on tea and coffee in a year than for a subscription to Security Colony. It's the best value that allows you to keep up to date with what's going on and what you need in security.
The best part is one doesn't have to spend any money. Trustwave offers a great deal of content free.
Security Colony is the CISO’s best friend, an arsenal of potent, actionable, best practice knowledge at your finger tips starting at less than $10 a day, and a simple no-fuss pricing model.
Free | Startup | Core | Enterprise | |
---|---|---|---|---|
Cost (charged annually, plus tax) |
$0 | $150 / month | $450 / month | $1,750 / month |
Users | single user | single user | five users | ten users |
Resource Library | 60+ free resources | 180+ resources | 300+ resources | 360+ resources |
Video Library | 18 free educational videos | + premium educational videos | + premium educational videos | + premium educational videos |
Vendor Risk | A single assessment for your email domain | Assessment of your email domain, continually re-evaluated (more available with in app purchase) |
+ 10 vendor slots (more available with in app purchase) |
+ 100 vendor slots (more available with in app purchase) |
Maturity Assessment | A single assessment (high level reporting) | Get 4 assessments per year | Get 12 assessments per year | Unlimited assessments |
Breach Monitor | - | Full Monitoring | Full Monitoring | Full Monitoring (curated) |
Security Forums | Public | Public | Public & Private Forums | Public & Private Forums |
Included Consulting | - | - | 2 document reviews annually | 12 document reviews annually |