Skip to content
Z Zendikt
T
Penetration Testing as a Service (PTaaS) · Rank #7 of 10

Trustwave PTaaS review and pricing

Legacy-MSSP heritage PTaaS; acquisition uncertainty material after Singtel sale.

By Trustwave Holdings, Inc. · Founded 1995 · Chicago, IL · pe backed

Trustwave is one of the oldest commercial penetration-testing and managed-security-services brands, founded 1995 in Chicago, with a legacy MSSP heritage anchored on SpiderLabs (the internal research and pen-testing team) and broad service catalog spanning managed detection and response, threat hunting, digital forensics, and PTaaS. The ownership history is the most-cited concern: Singtel acquired Trustwave in 2015 for $810M, then MacAndrews and Forbes (the Ron Perelman holding company) acquired Trustwave from Singtel in September 2024 at a reported $300M-$400M speculation range, a meaningful discount to the original purchase that suggests value impairment over the Singtel ownership period. Strengths: SpiderLabs has a long, credible research pedigree and continues to publish notable threat-intelligence work, broad service catalog allows bundling PTaaS with MDR and DFIR (a one-stop-shop for some buyers), and PCI DSS / PCI Forensic Investigator (PFI) credentials are strong in payment-card industries. Best fit for large regulated enterprises (5,000+ employees) wanting bundled MSSP services with PTaaS included, particularly PCI-heavy buyers. Trade-offs: post-MacAndrews and Forbes acquisition (September 2024) customer-support quality concerns have surfaced in renewal conversations and r/cybersecurity threads, legacy MSSP heritage means the PTaaS product is less product-led than Cobalt / HackerOne PTaaS (more services-led), pricing is opaque and meaningful at enterprise scale, and brand momentum has been flat-to-down over the Singtel-and-now-PE ownership cycle.

Visit Trustwave PTaaS Vendor pricing Compare to YesWeHack
Best for

Large regulated enterprises (5,000+ employees) wanting bundled MSSP services (MDR + DFIR + PTaaS) under a single contract, particularly PCI DSS-heavy buyers in payment-card industries.

Worst for

Mid-market SaaS companies (Cobalt better fit), US federal buyers (Synack better federal pedigree), EU buyers requiring strict data residency (Intigriti / YesWeHack better), or buyers concerned about acquisition uncertainty and post-PE customer-support quality.

Vendor Trust Score

Is Trustwave PTaaS a trustworthy vendor?

6.1/10
Mixed
Pricing transparency
Published rates; no hidden fees
4.5
Contract fairness
Reasonable terms; no auto-renew traps
6.5
Incident response
How they handle outages and breaches
7.0
Post-acquisition behavior
Customer treatment after M&A or PE
5.5
Executive stability
Leadership churn over 24 months
6.5
Roadmap honesty
Public commitments held
6.5
Trust signal log
  • 2015-04-08
    Singtel acquired Trustwave for $810M; cybersecurity services consolidation
  • 2023-05-22
    Singtel signaled strategic review of Trustwave; sale process began
  • 2024-09-22
    MacAndrews and Forbes acquired Trustwave from Singtel at reported $300M-$400M speculation range; meaningful discount to 2015 $810M purchase suggests value impairment under Singtel ownership
    Singtel sold Trustwave to MacAndrews and Forbes (the Ron Perelman holding company) in September 2024 at a price widely reported in the $300M-$400M speculation range. The transaction value is more than 50% below Singtel's 2015 $810M acquisition price, indicating meaningful value impairment over the Singtel ownership period. Post-acquisition customer-support quality concerns have surfaced in renewal conversations.
  • 2025-03-22
    Customer-support quality concerns flagged in renewal conversations and r/cybersecurity threads post-MacAndrews and Forbes acquisition
  • 2025-09-22
    SpiderLabs research team continued publishing notable threat-intelligence work; technical credibility maintained
Vendor Trust is scored independently of product quality. A great product from an unfair vendor still earns a low trust score.
Review Intelligence

What 140 reviews actually say

Synthesized from G2, Capterra, Reddit, Trustpilot. Patterns >15% prevalence shown.

Last synthesized
2026-04-30

Praise patterns

  • SpiderLabs research credibility strong
    71%
  • Bundled MSSP services valued by large enterprises
    64%
  • PCI DSS and PFI credentials strong
    51%
  • Long delivery history valued by procurement
    41%

Complaint patterns

  • Post-MacAndrews and Forbes acquisition support quality concerns
    47%
  • Services-led PTaaS less product-led than Cobalt / HackerOne
    41%
  • Pricing opaque and meaningful at enterprise scale
    38%
  • Brand momentum flat-to-down over acquisition cycle
    31%
Sentiment trend (6 months)
65/100 +1 pts
12
01
02
03
04
05
Patterns are extracted from review corpus and human-verified. We surface trends, not anecdotes.
Verified Pricing

What buyers actually pay

84 anonymized deal disclosures · last updated 2026-05-01

Contribute your deal price
Company size Median annual
Single engagement $48,000
MSSP + PTaaS bundle (mid-market) $240,000
MSSP + PTaaS bundle (enterprise) $720,000
Verified pricing is crowdsourced from buyers under anonymity guarantees. Vendor-listed prices are validated against actual deals quarterly.
Compliance & Security

Auto-verified certifications

Verified 2026-05-01
SOC 2 Type II
ISO 27001
HIPAA
GDPR
CCPA
PCI DSS
FedRAMP In-Process

Editorial: Strengths

  • SpiderLabs research and pen-testing team has long credible pedigree
  • Broad MSSP service catalog (MDR + DFIR + PTaaS bundling)
  • Strong PCI DSS and PCI Forensic Investigator (PFI) credentials
  • Built for large regulated enterprises (5,000+ employees)
  • Mature for payment-card industries
  • Long delivery history since 1995

Editorial: Weaknesses

  • MacAndrews and Forbes acquisition Sept 2024 at reported $300M-$400M (vs Singtel $810M 2015); value impairment under Singtel ownership
  • Customer-support quality concerns post-acquisition
  • PTaaS product less product-led than Cobalt / HackerOne PTaaS (more services-led)
  • Pricing opaque and meaningful at enterprise scale
  • Brand momentum flat-to-down over multi-acquisition cycle

Key features & integrations

  • +SpiderLabs pen-testing team
  • +Web app, API, mobile, network, internal pen testing
  • +PCI DSS and PFI services
  • +Bundled MSSP services (MDR, DFIR, threat hunting)
  • +Compliance-mapped reporting (PCI, HIPAA, SOC 2)
  • +Mature retest workflow
  • +Threat intelligence integration (SpiderLabs research)
30+ integrations
SplunkServiceNowMicrosoft SentinelCrowdStrikeTenableQualys
Geography supported
Global; strongest in US, UK, EU, AU
Best fit
1,000 to 500,000+ employees · Large regulated enterprises and PCI-heavy industries
Editorial deep-dive

Read our full ranking of Penetration Testing as a Service (PTaaS)

Trustwave PTaaS ranks #7 in our editorial review of 10 penetration testing as a service (ptaas) platforms. The deep-dive covers methodology, comparison tables, decision matrix, migration scoring, and FAQs.

Read the full ranking

Closest alternatives in Penetration Testing as a Service (PTaaS)

#6
YesWeHack
French bug-bounty platform with EU data residency as primary differentiator.
★ 4.6 partial
#8
Rapid7 PTaaS
PTaaS leveraging Insight platform and Velociraptor managed-services capability.
★ 4.3 partial
#5
Intigriti
EU-headquartered bug bounty with GDPR, NIS2, and DORA compliance anchoring.
★ 4.7 partial
Help the next buyer

Contribute your verified deal price

Pricing in B2B software is opaque because vendors want it that way. Verified buyer prices fix that, anonymously. Share what you actually paid for Trustwave PTaaS; we’ll add it to the verified pricing dataset on this page (with company size band only, no identifying details).

Submit anonymously