One of my favorite activities as CEO of ThreatX is participating in meetings with prospects that have a legacy WAF already installed. In most cases, these discussions involve learning about a legacy WAF that, at best, has never been fully deployed or, at worst, has never been trusted enough to be placed into full blocking mode.
I joined a few such calls last week with our sales team members and CISOs from major corporations. I found these week’s calls particularly interesting because the feedback from the CISOs we spoke with was remarkably consistent across two general KPI trends:
- reducing incident response times, and
- consolidating the number of vendors
It seems, not surprisingly, that CISOs everywhere are still trying to do one or the other – or both.
Because ThreatX’s single-risk engine is attacker-centric and correlates across time and attack vectors—web application security, API protection, Bot management, and DDoS mitigation—it has the unique ability to help CISOs achieve both the response time and vendor consolidation metrics. That ability did not go unnoticed during these conversations. After our team described this one-stop-shop functionality, it immediately triggered discussions around the correlation complexities associated with numerous point solutions vs. ThreatX’s all-in-one-approach.
Since security teams would not have to push logs to a SIEM or data lake to correlate across those point solutions, there was an immediate acknowledgment that ThreatX could be an excellent way for them to reduce incident times. Additionally, if our single risk engine could correlate across attack vectors while watching the attacker and not the individual attacks, it would naturally allow them to reduce the number of vendors in their ecosystem, which seems to be a common objective for all of these CISOs.
These calls with enterprise CISOs continue to affirm my belief that ThreatX is still one of the best kept secrets in web application and API security. And they always re-energize my determination to change that.
#WAAP #botmanagement #WAF #apiprotection