www.trustwave.com
Open in
urlscan Pro
52.151.96.240
Public Scan
URL:
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/snappy-detecting-rogue-and-fake-80211-wireless-access-poin...
Submission: On July 04 via api from TR — Scanned from GB
Submission: On July 04 via api from TR — Scanned from GB
Form analysis
8 forms found in the DOMGET /en-us/search/
<form oninput="autoSuggest(q.value)" method="get" target="_self" action="/en-us/search/" _lpchecked="1" data-hs-cf-bound="true">
<div class=" site-header-search-mobile" id="search-box">
<i class="fe fe-search text-darkest"></i>
<input id="search" value="" type="text" class="form-control" name="q" placeholder="Search trustwave.com" autocomplete="off">
<div id="search-bar">
<ul class="ul-list list-unstyled result-list" id="suggestresults"></ul>
</div>
</div>
</form>
GET /en-us/search/
<form method="get" target="_self" action="/en-us/search/" data-hs-cf-bound="true">
<div class="site-header-search-main">
<i class="fe fe-search text-darkest"></i>
<input type="text" class="form-control form-control-lg" id="q" name="q" placeholder="Search trustwave.com">
</div>
</form>
<form id="navdemo-form" class="modal pt-9" style="max-height:90vh; width:90%; margin:auto 0;" data-hs-cf-bound="true">
<script charset="utf-8" type="text/javascript" src="//js.hsforms.net/forms/embed/v2.js"></script>
<script data-hubspot-rendered="true">
hbspt.forms.create({
region: "na1",
portalId: "21158977",
formId: "92358282-9e9e-4fe6-a21f-c30c1e55336d",
sfdcCampaignId: "7016e0000020JvOAAU"
});
</script>
<div id="hbspt-form-26933305-8fc4-4d3d-9b75-7859fe17d93f" class="hbspt-form" data-hs-forms-root="true"><iframe id="hs-form-iframe-0" class="hs-form-iframe" title="Form 0" scrolling="no" width="100%"
style="position: static; border: none; display: block; overflow: hidden; width: 100%;"></iframe></div>
</form>
<form id="demo-form" class="modal" data-hs-cf-bound="true">
<script charset="utf-8" type="text/javascript" src="//js.hsforms.net/forms/embed/v2.js"></script>
<script data-hubspot-rendered="true">
hbspt.forms.create({
region: "na1",
portalId: "21158977",
formId: "cfc901a2-eafd-46d4-a988-cdec75f02fd1",
sfdcCampaignId: "7016e0000020JvOAAU"
});
</script>
<div id="hbspt-form-ff9f1ec0-1155-4570-a5d9-f86ca705a68a" class="hbspt-form" data-hs-forms-root="true"><iframe id="hs-form-iframe-1" class="hs-form-iframe" title="Form 1" scrolling="no" width="100%"
style="position: static; border: none; display: block; overflow: hidden; width: 100%;"></iframe></div>
</form>
<form id="demo-form" class="modal pt-9" style="max-height:90vh; width:90%; margin:auto 0" data-hs-cf-bound="true">
<script charset="utf-8" type="text/javascript" src="//js.hsforms.net/forms/embed/v2.js"></script>
<script data-hubspot-rendered="true">
hbspt.forms.create({
region: "na1",
portalId: "21158977",
formId: "cfc901a2-eafd-46d4-a988-cdec75f02fd1",
sfdcCampaignId: "7016e0000020JvOAAU"
});
</script>
<div id="hbspt-form-ae2f9326-a9a1-44ad-988f-615f7964c4ab" class="hbspt-form" data-hs-forms-root="true"><iframe id="hs-form-iframe-2" class="hs-form-iframe" title="Form 2" scrolling="no" width="100%"
style="position: static; border: none; display: block; overflow: hidden; width: 100%;"></iframe></div>
</form>
<form id="partner-form" class="modal pt=9" style="max-height:90vh; width:90%; margin:auto 0" data-hs-cf-bound="true">
<script charset="utf-8" type="text/javascript" src="//js.hsforms.net/forms/embed/v2.js"></script>
<script data-hubspot-rendered="true">
hbspt.forms.create({
region: "na1",
portalId: "21158977",
formId: "de7ea1d6-a749-4248-88db-dc813310bec6",
sfdcCampaignId: "7016e0000020A3BAAU"
});
</script>
<div id="hbspt-form-eba29659-c02d-410e-9bbd-76e8d88c329c" class="hbspt-form" data-hs-forms-root="true"><iframe id="hs-form-iframe-3" class="hs-form-iframe" title="Form 3" scrolling="no" width="100%"
style="position: static; border: none; display: block; overflow: hidden; width: 100%;"></iframe></div>
</form>
POST https://forms.hsforms.com/submissions/v3/public/submit/formsnext/multipart/21158977/68741a11-8e56-4f23-ba7f-b2307e77714c
<form id="hsForm_68741a11-8e56-4f23-ba7f-b2307e77714c" method="POST" accept-charset="UTF-8" enctype="multipart/form-data" novalidate=""
action="https://forms.hsforms.com/submissions/v3/public/submit/formsnext/multipart/21158977/68741a11-8e56-4f23-ba7f-b2307e77714c"
class="hs-form-private hsForm_68741a11-8e56-4f23-ba7f-b2307e77714c hs-form-68741a11-8e56-4f23-ba7f-b2307e77714c hs-form-68741a11-8e56-4f23-ba7f-b2307e77714c_f1f0a8cd-63f2-41b8-8a92-560784cad801 hs-form stacked"
target="target_iframe_68741a11-8e56-4f23-ba7f-b2307e77714c" data-instance-id="f1f0a8cd-63f2-41b8-8a92-560784cad801" data-form-id="68741a11-8e56-4f23-ba7f-b2307e77714c" data-portal-id="21158977" data-hs-cf-bound="true">
<div class="hs_email hs-email hs-fieldtype-text field hs-form-field"><label id="label-email-68741a11-8e56-4f23-ba7f-b2307e77714c" class="" placeholder="Enter your " for="email-68741a11-8e56-4f23-ba7f-b2307e77714c"><span></span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><input id="email-68741a11-8e56-4f23-ba7f-b2307e77714c" name="email" placeholder="Business Email" type="email" class="hs-input" inputmode="email" autocomplete="email" value=""></div>
</div>
<div class="hs_submit hs-submit">
<div class="hs-field-desc" style="display: none;"></div>
<div class="actions"><input type="submit" class="hs-button primary large" value="SUBSCRIBE"></div>
</div><input name="hs_context" type="hidden"
value="{"embedAtTimestamp":"1688436517454","formDefinitionUpdatedAt":"1674512136291","lang":"en","embedType":"REGULAR","renderRawHtml":"true","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36","pageTitle":"SNAPPY: Detecting Rogue and Fake 802.11 Wireless Access Points Through Fingerprinting Beacon Management Frames | Trustwave","pageUrl":"https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/snappy-detecting-rogue-and-fake-80211-wireless-access-points-through-fingerprinting-beacon-management-frames/","isHubSpotCmsGeneratedPage":false,"hutk":"94e3f1e64dd855a0b537b9fc1c7b2105","__hsfp":2241961375,"__hssc":"94548739.1.1688436520761","__hstc":"94548739.94e3f1e64dd855a0b537b9fc1c7b2105.1688436520761.1688436520761.1688436520761.1","formTarget":"#hbspt-form-f1f0a8cd-63f2-41b8-8a92-560784cad801","locale":"en","timestamp":1688436520775,"originalEmbedContext":{"portalId":"21158977","formId":"68741a11-8e56-4f23-ba7f-b2307e77714c","region":"na1","target":"#hbspt-form-f1f0a8cd-63f2-41b8-8a92-560784cad801","isBuilder":false,"isTestPage":false,"isPreview":false,"isMobileResponsive":true},"correlationId":"f1f0a8cd-63f2-41b8-8a92-560784cad801","renderedFieldsIds":["email"],"captchaStatus":"NOT_APPLICABLE","emailResubscribeStatus":"NOT_APPLICABLE","isInsideCrossOriginFrame":false,"source":"forms-embed-1.3372","sourceName":"forms-embed","sourceVersion":"1.3372","sourceVersionMajor":"1","sourceVersionMinor":"3372","_debug_allPageIds":{},"_debug_embedLogLines":[{"clientTimestamp":1688436517619,"level":"INFO","message":"Retrieved pageContext values which may be overriden by the embed context: {\"pageTitle\":\"SNAPPY: Detecting Rogue and Fake 802.11 Wireless Access Points Through Fingerprinting Beacon Management Frames | Trustwave\",\"pageUrl\":\"https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/snappy-detecting-rogue-and-fake-80211-wireless-access-points-through-fingerprinting-beacon-management-frames/\",\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36\",\"isHubSpotCmsGeneratedPage\":false}"},{"clientTimestamp":1688436517621,"level":"INFO","message":"Retrieved countryCode property from normalized embed definition response: \"GB\""},{"clientTimestamp":1688436520771,"level":"INFO","message":"Retrieved analytics values from API response which may be overriden by the embed context: {\"hutk\":\"94e3f1e64dd855a0b537b9fc1c7b2105\"}"}]}"><iframe
name="target_iframe_68741a11-8e56-4f23-ba7f-b2307e77714c" style="display: none;"></iframe>
</form>
<form data-hs-cf-bound="true"></form>
Text Content
Trustwave Action Response: Zero Day Vulnerability in Barracuda Email Security Gateway Appliance (CVE-2023-2868). Learn More * Contact Us * Login Login Fusion Platform Login What is the Trustwave Fusion Platform? * MailMarshal Cloud Login * Incident Response Incident Response EXPERIENCING A SECURITY BREACH? Get access to immediate incident response assistance. 24 HOUR HOTLINES * AMERICAS +1 855 438 4305 * EMEA +44 8081687370 * AUSTRALIA +61 1300901211 * SINGAPORE +65 68175019 Recommended Actions * * Services Services * Managed Detection & Response Eradicate cyberthreats with world-class intel and expertise * Managed Security Services Expand your team’s capabilities and strengthen your security posture * Consulting & Professional Services Tap into our global team of tenured cybersecurity specialists * Penetration Testing Subscription- or project-based testing, delivered by global experts * Database Security Get ahead of database risk, protect data and exceed compliance requirements * Email Security & Management Catch email threats others miss with layered security & maximum control * Co-Managed SOC (SIEM) Eliminate alert fatigue, focus your SecOps team, stop threats fast, and reduce cyber risk View All Trustwave Services * Solutions Solutions BY INDUSTRY * Education * Financial Services * Government * Healthcare * Hotels * Legal * Manufacturing * Retail BY REGULATION * Data Privacy * CMMC * FISMA * GDPR * GLBA * HIPAA * ISO * SOX BY TOPIC * Microsoft Exchange Server Attacks Stay protected against emerging threats * Rapidly Secure New Environments Security for rapid response situations * Securing the Cloud Safely navigate and stay protected * Securing the IoT Landscape Test, monitor and secure network objects * Why Trustwave Why Trustwave * The Trustwave Approach A focus on threat detection and response * Awards and Accolades Recognition by analysts and media outlets * Trustwave SpiderLabs Team Researchers, ethical hackers and responders * Trustwave Fusion Platform Unprecedented security visibility and control * SpiderLabs Fusion Center Our cybersecurity command center * Security Operations Centers Distributed worldwide defense nodes * Partners Partners * Technology Alliance Partners Key alliances who align and support our ecosystem of security offerings * Trustwave PartnerOne Program Join forces with Trustwave to protect against the most advance cybersecurity threats * Register Login * Resources Resources BLOGS * Trustwave Blog * SpiderLabs Blog UPCOMING * Webinars * Events MEDIA & ASSETS * Document Library * Video Library * Analyst Reports * Webinar Replays * Case Studies * Trials & Evaluations NOTICES * Security Advisories * Software Updates HELP * Contact * Support * * Request a Demo Loading... BLOGS & STORIES SPIDERLABS BLOG Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research. SNAPPY: DETECTING ROGUE AND FAKE 802.11 WIRELESS ACCESS POINTS THROUGH FINGERPRINTING BEACON MANAGEMENT FRAMES access_timeJune 27, 2023 person_outlineTom Neaves share * * * Figure 1. Allow me to summarise this blog post with Lego… I’ve always had a great love of all things wireless/RF for as long as I can remember. The ability to send frames/packets of data out into the world (the airwaves!) for anyone with the right equipment and looking at the right frequency to pluck them out and reconstruct them - amazing! I am still the proud owner of both ORiNOCO Gold and Silver PCMCIA cards, these two bad boys defined wireless hacking back in the early 2000’s. Now, for probably the first time in nearly two decades, I’ve gone and taken a blue team defence perspective on something. I didn’t intend on it going this way, you know how it is with research, never a straight path. I had a hunch about something, so out came the trusty Alfa cards, with a side order of Wireshark. The next few hours I’d be knee-deep in wireless Management Frames. The short version of this blog post is that I’ve found a novel technique to detect both rogue and fake 802.11 wireless access points through fingerprinting Beacon Management Frames, and created a tool to do so, called snap.py (Snappy) – the blog post title doesn’t lie! The long version of this blog post is that I didn’t start out that way... I was actually looking into MAC address randomization, namely in mobile devices. Just to be inclusive of all audiences here, a quick definition on what a MAC address is, from Wikipedia no less: “A media access control address (MAC address) is a unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment. This use is common in most IEEE 802 networking technologies, including Ethernet, Wi-Fi, and Bluetooth. Within the Open Systems Interconnection (OSI) network model, MAC addresses are used in the medium access control protocol sublayer of the data link layer. As typically represented, MAC addresses are recognizable as six groups of two hexadecimal digits, separated by hyphens, colons, or without a separator. MAC addresses are primarily assigned by device manufacturers, and are therefore often referred to as the burned-in address, or as an Ethernet hardware address, hardware address, or physical address. Each address can be stored in hardware, such as the card's read-only memory, or by a firmware mechanism. Many network interfaces, however, support changing their MAC address. The address typically includes a manufacturer's organizationally unique identifier (OUI). MAC addresses are formed according to the principles of two numbering spaces based on extended unique identifiers (EUIs) managed by the Institute of Electrical and Electronics Engineers (IEEE): EUI-48—which replaces the obsolete term MAC-48—and EUI-64.” The problem with MAC addresses is that because they are (or were) designed to be permanent like some kind of device tattoo, privacy issues arise. These addresses are unique and therefore could be used to tie them to individuals. In turn, you could then track these devices (the individuals) using 802.11 Probe Requests put out by the devices, which reference their MAC address. Vendors came up with a MAC randomization feature back in 2014 in an attempt to thwart this kind of tracking of mobile devices. Some vendors/phones vary in how they have been implemented; some will generate new MAC addresses for known networks after 48 hours (Apple), some will generate new ones on every device scan, etc. It wasn’t really until Apple turned this option on by default in iOS 14 (not that long ago in 2020) that it started having an impact. On an iPhone you can find this under ‘Settings’ -> ‘Wi-Fi’ -> select a wireless network -> ‘Private Wi-Fi Address’ option. My hunch (with my usual red team offensive hat on) was that there is probably a way to use other things in these frames to identify and track users, other than using the MAC address. I started looking at my own Probe Requests on some of my own devices; a selection of iPhone and iPad versions, all with slightly different iOS versions and generations. I was just eyeballing the frames in Wireshark and doing a mental ‘diff’ between them all when I spotted a few things. The first rule of research club is that surely someone has asked this question or spotted this stuff before, standing on the shoulders of giants and all that. Sure enough, down the rabbit hole I went. I read a great selection of papers on how MAC address randomization had failed over the years at the hands of security researchers [1], [2], [3], [4], [5], [6], [7]. Researchers had managed to be creative and use a wealth of things in these 802.11 Probe Request Frames to track devices attempting to hide, ranging from timing differences, using and reversing the WPS UUID-E field, to using RF signal strength. Slightly off topic, but I even stumbled upon one crazy paper about using Probe Requests to reveal a person’s trajectory [8]. I was kind of disheartened because it seemed that these researchers had beat me to lots of things I had in mind and was seeing. That was until I stepped back, without the phone that is, no trajectory tracing here… All these researchers (with the exception of one [9]) had gone after Probe Requests, focusing on the client, which makes sense, because the problem they have identified and the question they are trying to answer is, can the MAC randomization be circumvented/reversed to track these clients? No one is looking at the server, perhaps because they don’t think we have a problem in this area. It is only with my pentester hat on that I’m able to ask a slightly different question, to solve a problem which I know exists in the server realm. Can I switch my initial approach and those research ideas and apply it to the server, aka Beacon Frames, sent out by Access Points? With this, can I then use these things to pick out rogue and fake Access Points? Let me explain. The problem users have, especially for those using open wireless networks (coffee shops, supermarkets, etc.) is that it is too easy for an attacker to spin up their own Access Point with the same SSID and to have the users connect to it. The user really doesn’t have any way of knowing they are not on the legitimate one, especially if the attacker is spoofing the legitimate Access Point’s MAC address too. WPA2-PSK networks don’t have the same fate because this attack falls down at the first hurdle because the attacker needs to set the rogue Access Point up with the same passphrase… and if they know that already, then they should probably be at the victim’s house and not at the coffee shop. From a user’s perspective, wouldn’t it be great if we could tell if our local coffee shop’s wireless Access Point is not the same as when we were last in there and is a rogue? Furthermore, wouldn’t it be kind of cool to be able to detect people using airbase-ng, the tool of choice for most fake (software-based) Access Points? Please forgive me, red team gods. “You have to let it all go, Neo. Fear, doubt, and disbelief. Free your mind.” (Thanks Morpheus) With a spring in my step, I continued on with my research, Alfa cards at the ready. I pulled a selection of my finest retired/on the bench Access Points out of the hat and captured Beacon Management Frames from each. I was interested in how much they varied. I know a thing or two about 802.11 Management Frames from creating a wireless C2 (called Smuggler) by abusing Information Elements (IE) tags in them back in 2014. See this blog post for more information on that. Back to the main event. I needed to identify a number of things (elements, parameters, tags, etc.) in the Beacon Frame which were both independently and collectively different between Access Points enough that I could use as some kind of fingerprint to form a signature. It was, however, important that these values remained static to themselves and did not change over time, else having the concept of a signature wouldn’t work. Figure 2. Tags you’ll likely see inside 802.11 Wireless Beacon Management Frames Through spending some/a lot of time in Wireshark and scapy, I picked out the following candidates: BSSID SSID Channel Country Supported Rates Extended Rates Max Transmit Power Capabilities Max_A_MSDU Vendor (#2) I concatenate all the above together and make into a SHA256 hash, not unlike a burrito. I wanted this to be something useable so I knocked up some code in Python, making use of scapy for the heavy lifting. Below is a snippet of the code. Figure 3. A snippet of snap.py code I call the tool snap.py (Snappy) – making use of the word ‘snap’ (as in ‘snapshot’) for the use of this thing and also not at all/only one time heavily influenced by the Python file extension ‘.py’ completing things off perfectly. The concept of using Snappy is about taking snapshots. You rock up to your local trusted open wireless network you use and you take a ‘snapshot’ of what good looks like. The caveat is you need to make sure when you’re taking this snapshot that you don’t snap what bad looks like, that would be bad. Once you have this snapshot, aka, a SHA256 hash, you store it. You drink your coffee; you get on with your life. A week later, you rock up, repeat the same exercise, check the SHA256 hash matches the one you took before. All good? Connect to it. Bad? Get the latte to go. Figure 4. Snappy in action, a SHA256 hash created for the wireless access point Snappy can work either in offline mode (my personal preference) or online/active mode. In offline mode, you use airodump-ng or whatever your tool of choice is to get your Beacon Frames, save as a .cap/.pcap, and you can load it into Snappy. Snappy will loop through multiple Beacon Frames of different networks if they exist in the capture file and generate hashes, no problemo! In online mode, Snappy will report (generate a SHA256 hash) in real time on Beacon Frames, again, support for multiple networks. Notice how I used the term ‘report’ in the last sentence? Well, we set out initially to detect both rogue and fake Access Points. Rogue, ticked. Fake, well that’s usually the result of airbase-ng to create it at a software level. I thought it would be nice (please forgive me once again red team gods!) if we could detect airbase-ng in use. I reviewed the source code of airbase-ng and also looked at how it in reality presents itself on the wireless side and came up with a few handpicked things to formulate a signature once again. Figure 5. Airbase-ng uses these hardcoded ‘rates’ and ‘extended rates’ Figure 6. Airbase-ng ‘rates’ and ‘extended rates’, plus short slot time, seen on the wireless side inside the frame In addition to the normal hash generation, if airbase-ng is detected as responsible for serving the Access Point, you’ll get an additional “******** AIRBASE-NG DETECTED AT THIS ACCESS POINT ********” message attached under the signature. So if you see this message at your first snapshot, maybe think about moving coffee shops going forward. Figure 7. Snappy running on two wireless access points with airbase-ng being detected on the second You can download Snappy here Hopefully you enjoyed my wireless research and find the tool useful. Thanks for reading! REFERENCES [1] Tomas Bravenec, Joaquin Torres-Sospedra, Michael Gould, Tomas Fryza. “Exploration of User Privacy in 802.11 Probe Requests with MAC Address Randomization Using Temporal Pattern Analysis”. June 2022. [2] Jeremy Martin and Travis Mayberry and Collin Donahue and Lucas Foppe and Lamont Brown and Chadwick Riggins and Erik C. Rye and Dane Brown. “A Study of MAC Address Randomization in Mobile Devices and When it Fails”. 2017. [3] Ivan Vasilevski, Veno Pachovski, Dobre Blaxehevski, Irena Stojmenovska. “Five Years Later: How Effective Is the MAC Randomization in Practice? The No-at-All Attack”. 2019. [4] Ellis Fenske, Dane Brown, Jeremy Martin, Travis Mayberry, Peter Ryan and Erik Rye. “Three Years Later: A Study of MAC Address Randomization In Mobile Devices And When It Succeeds”. Proceedings on Privacy Enhancing Technologies; 2021 (3):164-181. [5] Vanhoef, Mathy and Matte, Celestin and Cunche, Mathieu and Cardoso, Leonardo S. and Piessens, Frank. "Why MAC Address Randomization is Not Enough: An Analysis of Wi-Fi Network Discovery Mechanisms". Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security. 2016. 413-424 (12). [6] Célestin Matte, Mathieu Cunche, Franck Rousseau, Mathy Vanhoef. “Defeating MAC Address Randomization Through Timing Attacks”. ACM WiSec 2016, Jul 2016, Darmstadt, Germany. [7] Denton Gentry, Avery Pennarun (Google). “Passive Taxonomy of Wifi Clients using MLME Frame Contents”. 2016. [8] Abhishek Kumar Mishra, Aline Carneiro Viana, Nadjib Achir. “Do WiFi Probe-Requests Reveal Your Trajectory?”. HAL Open Science. Dec 2022. [9] Bandar Alotaibi, K. Elleithy. “A Passive Fingerprint Technique to Detect Fake Access Points”. 2015. RELATED SPIDERLABS BLOGS HONEYPOT RECON: MSSQL SERVER – DATABASE THREAT OVERVIEW '22/'23 SpiderLabs Blog BRUTE-FORCING BUTTERFLYMX VIRTUAL KEYS AND HACKING TIME LIMITS SpiderLabs Blog KILLNET, ANONYMOUS SUDAN, AND REVIL UNVEIL PLANS FOR ATTACKS ON US AND EUROPEAN BANKING SYSTEMS SpiderLabs Blog STAY INFORMED Sign up to receive the latest security news and trends from Trustwave. * Leadership Team * Our History * News Releases * Media Coverage * Careers * Global Locations * Awards & Accolades * Trials & Evaluations * Contact * Support * Security Advisories * Software Updates * Legal * Terms of Use * Privacy Policy * Copyright © 2023 Trustwave Holdings, Inc. All rights reserved. Loading HELP US STOP THE ROBOT UPRISING This is a bot-free zone. Please check the box to let us know you're human. THANK YOU Download Now -------------------------------------------------------------------------------- Read complimentary reports and insightful stories in the Trustwave Resource Center THANK YOU One of our sales specialists will be in touch shortly. -------------------------------------------------------------------------------- Read complimentary reports and insightful stories in the Trustwave Resource Center We use cookies to provide you a relevant user experience, analyze our traffic, and provide social media features. Privacy Policy GOT IT PREFERENCE CENTRE When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer. More information Allow All MANAGE CONSENT PREFERENCES STRICTLY NECESSARY COOKIES Always Active These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information. PERFORMANCE COOKIES Performance Cookies These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance. TARGETING COOKIES Targeting Cookies These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising. FUNCTIONAL COOKIES Functional Cookies These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly. Back Button COOKIE LIST Search Icon Filter Icon Clear checkbox label label Apply Cancel Consent Leg.Interest checkbox label label checkbox label label checkbox label label Confirm My Choices PREFERENCE CENTRE When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer. More information Allow All MANAGE CONSENT PREFERENCES STRICTLY NECESSARY COOKIES Always Active These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information. PERFORMANCE COOKIES Performance Cookies These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance. TARGETING COOKIES Targeting Cookies These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising. FUNCTIONAL COOKIES Functional Cookies These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly. Back Button PERFORMANCE COOKIES Search Icon Filter Icon Clear checkbox label label Apply Cancel Consent Leg.Interest checkbox label label checkbox label label checkbox label label Confirm My Choices