Meet PCI Requirements Consistently and Efficiently

Posted by Bret Settle on May 19, 2020 2:38:53 PM

Most any organization that stores, processes, or transmits payment card data is likely well aware of the Payment Card Industry Data Security Standard (PCI DSS). For these organizations, maintaining and documenting PCI compliance is an ongoing and often laborious process. ThreatX brings a new approach to application security that not only helps address PCI requirements but does it far more consistently across many types of applications and with far less effort than traditional WAFs. 

Read More

Topics: Company | Product Updates

Joining the Front Lines of AppSec

Posted by Gene Fay on Apr 28, 2020 7:00:00 AM

Hello. My name is Gene Fay and I am incredibly excited to join the ThreatX team as CEO. I’d like to take a few moments to introduce myself and talk briefly about why I joined ThreatX and my vision for its future. 

Read More

Topics: Company | Product Updates

Two birds. One stone. Cut costs & Reduce AppSec Risk

Posted by Sean Zoske on Apr 6, 2020 8:45:00 AM

Just a few weeks ago, my colleague wrote a blog about the importance of having AppSec vendors who are true partners and not simply hawkers of products. This has become even more important as security teams try to adapt to the challenges and pressures introduced by the COVID-19 pandemic.

Many organizations are accelerating their migration to cloud-based applications both to reduce costs and to simplify the availability of applications as more users work from home. At the same time, budgets are increasingly uncertain as teams look to control costs in the face of uncertainty. For AppSec teams, this creates a classic need to “do more with less”. While many organizations are being asked to cut back, it is important to remember that attackers are doing just the opposite.

This sort of challenge accentuates the vision behind our approach at ThreatX. This is not a marketing shift to capitalize on a global tragedy, it’s how we built our business from the start. Our approach is simple:

Read More

Topics: Threat Intelligence

Eliminate AppSec Sprawl

Posted by Chris Brazdziunas on Apr 1, 2020 9:15:00 AM


As the threat landscape has become more diverse, AppSec solutions have become increasingly fractured. For each new type of threat or problem, a new corresponding type of security product seems to arise. However, this sort of technology sprawl has become operationally unsustainable as organizations are forced to support exponentially more applications, more APIs, and defend against a much broader set of threats including bots, DDoS attacks, and patient, multi-stage, targeted attacks and evasion techniques. 

Read More

Topics: Threat Intelligence

Fighting the AppSec Fight: Don't sell products. Create partnerships.

Posted by Chris Brazdziunas on Mar 18, 2020 9:26:34 AM

It’s been a few weeks since we closed the book on another RSA conference. And as always, it was nice to catch up with old friends, meet new ones, and talk to many of the security professionals who are on the frontlines of AppSec every day.

However, after spending some time on the show floor, one thing really stood out for me: vendors were selling security products, and most attendees were looking for security partnerships.

Every vendor seemingly has a promise for why their technology, products, or features are better than their competitors. But ultimately, it falls to the customers to take a leap of faith, invest in a product, staff the product, and make it deliver on its promises. It is the customer that must do the heavy lifting and take on the risk.

Read More

Topics: Web, Application & Hybrid Cloud Security, Threat Intelligence

OWASP TOP 10: APIs Take Center Stage in Latest List of Priorities

Posted by Chris Brazdziunas on Feb 12, 2020 7:57:58 AM

OWASP recently released the first iteration of the API Security Top 10. Like the ubiquitous OWASP Top 10, the API Security Top 10 delivers a prioritized list of the most critical application security issues with a focus on the API side of applications. This is a critical new tool for AppSec teams that hones in on one of the fastest growing, yet chronically under-addressed aspects of security. In this blog, I’d like to offer you an overview of the API top 10 with comparisons to the OWASP top 10 for web applications.

Read More

Topics: Web, Application & Hybrid Cloud Security, Threat Intelligence

Embedded in the ThreatX SOC: My First 30 Days

Posted by Sean Zoske on Sep 16, 2019 3:26:49 PM

SOC-as-a-SERVICE (1)

I joined ThreatX’s SOC as the Director of Security about 30 days ago now, and as with any SOC, days are hectic.  In some cases, nights are too. Even so, one of my first objectives at ThreatX was to meet with a few current customers to gather feedback from them about what is working, and what isn’t. 

Read More

Topics: Company | People

Better Security + More Efficient Ops with a Unified Approach to AppSec

Posted by Chris Brazdziunas on Aug 19, 2019 11:52:55 AM

As the demands of both modern applications and complex threat landscapes have continued to increase, many organizations have been forced to adopt an ever-growing list of new, specialized security tools in an attempt to keep pace. This often includes a mixture of WAFs, anti-bot tools, DDoS prevention, behavioral and analytics tools, intelligence feeds, and more. However, a fractured approach to security is rarely effective and almost never efficient. 

Read More

Topics: Web, Application & Hybrid Cloud Security

ThreatX Labs - Blog

Arm yourself with information and insights on the latest cybersecurity trends to defend against today's most advanced cyber criminals with articles from the leader in SaaS-based web application firewall solutions.

Subscribe Here!

Recent Posts

Follow Me