Tom Hickman

Tom Hickman
Tom has a long track record of building and scaling product delivery capabilities at mid- and growth-stage startups. He served as the VP of Engineering at Edgewise Networks, where he led engineering through early releases of Edgewise’s zero-trust micro-segmentation product. While at Veracode, a leader in AppSec, Hickman led engineering through an Agile transformation and helped the company become a true multi-faceted AppSec platform prior to its acquisition by CA Technologies in 2017. Tom holds a B.S. degree in mechanical engineering from the Georgia Institute of Technology.
Find me on:

Recent Posts

Five Reasons Agentless AppSec is the Right Choice

Posted by Tom Hickman on Aug 26, 2020 8:45:00 AM


I’m a big fan of the ThreatX agentless architecture. It simplifies many of aspects of deployment and side-steps a lot of the problems with agent-based architecture.

Read More

Topics: Web, Application & Hybrid Cloud Security, Threat Intelligence, Company | Product Updates

This Way to WAAP++

Posted by Tom Hickman on Jul 23, 2020 10:53:55 AM

I’m excited, y’all! We’ve just published a cool piece of content that everyone with an interest in AppSec should take a look at. 

Read More

3 Steps to Improve Your AppSec Using ThreatX and Splunk Phantom

Posted by Tom Hickman on Jul 15, 2020 7:13:18 PM

Modern AppSec and security teams face enormous challenges of scale when it comes to their daily workload. Organizations need to secure more applications and APIs than ever before, and those apps and APIs are under constant attack from increasingly sophisticated methods. Security staff has to parse and analyze an avalanche of alerts and data to stay ahead of bad actors and continuously improve the security posture of their organization. Collectively, this is a perfect storm that can put even the best security teams under intense strain.

Read More

Topics: Company | Product Updates

You Wouldn’t Buy a Home Without an Inspection. Why Buy a Company Without One?

Posted by Tom Hickman on Jun 29, 2020 6:30:00 AM

Mergers and acquisitions are some of the most important, exciting, and often messy aspects of the business world. Having been through the process several times, both as an acquirer and an acquiree, I can personally attest that technology and security are areas where things can get particularly messy. Buyers and sellers will often have very different approaches to security–different levels of operational maturity, different tools, and different threat profiles. This means that many of the details about security posture and risk only become known after an acquisition is complete. Yikes!

While no technology can tame all the challenges of an acquisition, ThreatX’s web application and API protection +Bot + DDoS (WAAP++) platform can give organizations an easy, yet powerful way to wrestle control over AppSec. Because it can be up and running in just a few hours, ThreatX can help uncover problems during the due diligence process; letting security teams quickly triage and deliver core protections to newly acquired sites and apps after the merger is complete. Let’s take a closer look.

Read More

Topics: Company | Product Updates

My First 100 Days

Posted by Tom Hickman on Jun 5, 2020 9:30:00 AM

If you manage yourself well over the course of your career, you’ll get maybe a half-dozen shots at your “first 100 days. Any more than that and you might be job hopping too muchAny less, and you might be staying in your comfort zone for too long. 

Read More

Topics: Company | People

ThreatX Labs - Blog

Arm yourself with information and insights on the latest cybersecurity trends to defend against today's most advanced cyber criminals with articles from the leader in SaaS-based web application firewall solutions.

Subscribe Here!

Recent Posts

Follow Me