Trustwave Acquires Vericept

Data loss prevention technology to be integrated into Trustwave's security and compliance suite

September 10, 2009

4 Min Read


CHICAGO (September 10, 2009) " Trustwave, the leading provider of on-demand data security and payment card industry compliance management solutions to businesses and organizations throughout the world, has acquired Vericept, a leading provider of data loss prevention (DLP) and intellectual property protection solutions. The terms of the deal are confidential.

Data loss prevention solutions are most often used to monitor business processes in support of compliance mandates, to protect brand and reputation by enforcing customer data privacy and to defend strategic information and intellectual property against inadvertent and malicious loss. Leading organizations across multiple industries including financial services, healthcare, aerospace and defense, manufacturing, technology, education and retail utilize DLP solutions. With DLP, advanced content inspection is performed on data in use (e.g., endpoints), data in motion (e.g., network) and data at rest (e.g., data storage) to help detect and prevent the unauthorized use and transmission of confidential information. DLP is also used to demonstrate compliance across multiple standards and regulations, such as the PCI DSS and HIPAA, as part of a system of control over information.

The core of Vericept's DLP solution is its patented Content Analysis Engine, which analyzes content against policy, helps detect and classify structured and unstructured content, as well as, text extraction of any file type. This patented detection and classification technology extends to data-in-motion to address Web 2.0 threats by identifying the use of applications such as blogs, social networking sites and Webmail to accurately identify and control sensitive data. Once data is classified, it can be managed consistently according to policy from the moment it is created.

Specifically, Vericept's leading DLP solutions help address multiple requirements of the Payment Card Industry Data Security Standard (PCI DSS) version 1.2. PCI DSS is the payment card industry security requirement for entities that process, transmit and/or store cardholder data, which has been endorsed by all the major card brands " Visa Inc., MasterCard Worldwide, Discover Network, American Express and JCB. Using DLP technology, businesses can meet the following seven of the 12 requirements, further strengthening Trustwave's position as a leading provider of PCI DSS services and solutions:

  • Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

    • Requirement 3: Protect stored cardholder data

    • Requirement 4: Encrypt transmission of cardholder data across open, public networks

    • Requirement 6: Develop and maintain secure systems and applications

    • Requirement 8: Assign a unique ID to each person with computer access

    • Requirement 9: Restrict physical access to cardholder data

    • Requirement 10: Monitor all access to network resources and cardholder data

      "We're very excited to offer our customers a leading DLP solution that can manage sensitive data, scale to meet expanding business requirements and maintain high performance as business continues in real time," says Robert J. McCullen, chairman and CEO of Trustwave. "Vericept's DLP technology complements our current portfolio of security solutions offered to our global customer base."

      "The 451 Group believes concerns about data security and leak prevention are central to both regulatory compliance and network security," says Paul Roberts, senior analyst for enterprise security at The 451 Group. "Trustwave's acquisition of Vericept will allow it to marry Vericept's expertise in inspecting data flows to and from the endpoint and on the network with Trustwave's broad portfolio of managed security products and compliance offerings."


      Vericept's DLP solutions help customers streamline and demonstrate compliance. With pre-defined compliance categories that specifically address standards such as PCI DSS, HIPAA and GLBA, Vericept's patented DLP classification technology precisely monitors data to ensure compliance with company policy. "We've developed a leading DLP technology for scanning and detecting sensitive information and mitigating risk based on policy requirements. Our DLP solutions ensure that a business' sensitive data or competitive intelligence is not lost or leaked, compliance is enforced and brand equity is protected," says Dave Parkinson, former CEO of Vericept, who will become Trustwave's general manager of security services.

      About Trustwave Trustwave is the leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper' compliance management software and other proprietary security solutions. Trustwave has helped thousands of organizations—ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers—manage compliance and secure their network infrastructure, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, China and Australia. For more information, visit

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights