Aaron Fosdick

Aaron Fosdick
Aaron brings over 20 years of Information Security and operations experience working at Colorado & Silicon Valley startups, mid-market, and fortune 500 enterprises. His background includes running secure environments performing high availability transaction processing in the financial services industry. He also has security operations experience in managed services and enterprise healthcare software. He has a deep understanding of IT controls, and how to effectively implement them in high functioning organizations. He has led multiple audits, including SOX, SOC1/2, HIPAA & PCI Level 1.
Find me on:

Recent Posts

Using Android Proxy Browsers - Convenience without Web Application Security

Posted by Aaron Fosdick on Aug 6, 2018 9:03:36 AM

Slow. Antiquated. Android.

Remember the old Android device you used to use? Many of us have old versions of these devices sitting around that worked well 5 or 6 years ago, but are, unfortunately, too slow or outdated to use today. The hardware is lethargic and the Android OS hasn’t been patched for years. This is never more evident than when you try using a web browser on one of these devices and watch it struggle while rendering an element-rich site. The fact is, older devices simply don’t have sufficient CPU power to quickly display a complex page, even those designed to be responsive or mobile friendly.

Read More

Topics: Threat Intelligence

Unexpected Web Application Attacks: When Not to Trust Your Search Engine

Posted by Aaron Fosdick on May 31, 2018 8:13:19 AM

In today’s complex cybersecurity landscape, it is very apparent that threats can and will originate from virtually anywhere and hardly ever follow predictable patterns. We consistently share this knowledge with our customers and use these insights to drive our product updates and roadmap.

This fact alone makes the task of properly securing your applications even more challenging. To effectively secure your applications, it is critical to implement security controls using the zero-trust model. That means you should not rely solely on external reputation sources, threat feeds, or patches. In fact, we have found that many of the threats we identify using behavioral analysis methods go undetected when using the more traditional methods. More accurate and reliable detection is critical to effective application security, especially when attacks come from the most unsuspecting of sources.

Read More

Topics: Threat Intelligence

Using Sophisticated WAF Technology to Put the Stop to Card Fraudsters: Part II

Posted by Aaron Fosdick on May 8, 2018 9:35:00 AM

Continued from part I. Credit card fraud is an increasingly prevalent issue for card holders, card issuers, and merchants alike. Traditional approaches to WAF technology may lack the intelligence to detect and neutralize credit card fraudsters, but there are new ways, such as ThreatX's contextual behavioral analysis, that are effective in neutralizing these attacks. 

Read More

Topics: Threat Intelligence

Using Sophisticated WAF Technology to Put the Stop to Card Fraudsters: Part I

Posted by Aaron Fosdick on Apr 19, 2018 11:55:00 AM

In part I of this two-part series, we will discuss the growing issue of credit card fraud for card issuers, card holders, and merchants, including how card data is being obtained and used by today's advanced attackers.

Read More

Topics: Threat Intelligence

Threat X Labs - Blog

Arm yourself with information and insights on the latest cybersecurity trends to defend against today's most advanced cyber criminals with articles from the leader in SaaS-based web application firewall solutions.

Subscribe Here!

Recent Posts

Follow Me