ThreatX - Blog

Over the past few years, web and application development has undergone a considerable change. Not only is application development and integration dominated by web and mobile-enabled solutions, but technologies like APIs and microservices are also breaking into the scene. 

While these recent advancements have increased connectivity and productivity, they have complicated application security for many organizations. From botnets to targeted attacks, web applications are the target and successful source for a growing number of malicious threats - nearly 10% growth YoY^*.

In a world that is increasingly fast-paced, continuously evolving, and especially competitive, the Internet of Things (IoT) has introduced an entirely new era of connectivity and productivity. For the most part, consumers and businesses alike would argue that the IoT has transformed our every day lives for the better. From optimizing business processes to automating monotonous, manual tasks, IoT devices are integrated in nearly everything we do. In addition to this, many organizations rely on a web portal for multi-device management. This convenience, however, comes at a cost.

We sat down with Andrew to learn more about his background and journey to CTO, what inspired the development of the ThreatX solution, get his perspective on the future of cybersecurity, and take a look at his new article series on TechTarget's IoT Agenda Blog.

It's no secret that the frequency and intensity of data breaches is growing at an exponential rate. Based on data from Verizon's Data Breach Investigations Report, there were nearly 53,000 incidents and over 2,215 confirmed breaches in a mere 12 months. This confirms the fear that many organizations face that hackers are thriving in an expanded playing field, and organizations don't have the resources or the bandwidth to keep up. 

In response to this and similar trends, businesses are commonly resorting to impulse investments in technology and resources that promise stronger defenses. Unfortunately, these rash decisions often cause security strategy misalignment - the results of which often mirror the likes of data breaches in their negative impact on the business.

On August 8 and 9 in Las Vegas, thousands of cybersecurity enthusiasts, practitioners and executives will be in attendance at Black Hat 2018. We are thrilled to be among the participants at this year's event.

We recently co-hosted a webinar with SANS Institute, Your Current Approaches to Threat Detection and Neutralization are Broken. During that webcast, experts from ThreatX and SANS addressed the current challenges inherent in protecting your web applications in today's complex hybrid cloud environments, and the common inefficiencies of some legacy WAF approaches.

This discussion sparked various questions, some of which we receive quite often. In case you missed it, we compiled the answers to the mosts frequently asked questions.

Despite its theoretical conception in the 1960s¹, cloud computing has only truly emerged and taken hold in the last decade. Organizations are now striving to find the balance in utilizing both the private and public cloud - what we refer to as the hybrid cloud environment.

While this middle ground has allowed for greater flexibility, it also complicates the desire and need to protect the data housed in these environments. Not to mention the sure volume of data, which grows at an annual compounding rate of 42% (according to the IDC). As a result, it is unrealistic to expect static signature-based security models to remain effective while continuing to offer protection for today's web applications. In this respect, legacy approaches to web application protection are fundamentally broken and often result in:

• Costly false positives
• Poor application response times
• Impeding agile development
• Overworked security teams
• Untenable event analysis and maintenance burdens