Winning the battle  against blended threats

Posted by Tom Hickman on Oct 23, 2020 8:00:00 AM


Read More

Topics: Web, Application & Hybrid Cloud Security, Threat Intelligence

Prune the Sprawl. Get Better AppSec.

Posted by Gene Fay on Sep 28, 2020 9:55:59 AM

“We are all just prisoners here of our own device. 
--The Eagles  

“Help me get rid of some of this stuff, or I’m gonna f’n lose it.
--Anonymous CISO 

I’m going to go out on a very sturdy limb and say that The Eagles weren’t thinking about cybersecurity when they penned that line in Hotel California. Yet my recent conversations with CIOs and CISOs have made it abundantly clear that many security organizations are facing a similar situation. An excess of security tools has led to out-of-control costs and compounding complexity that makes security inefficient and threatens to make organizations less secure. Instead of stopping threats, many security teams end up like fishermen tangled in their own nets - immobilized and paying extra for the privilege.  

Read More

Topics: Web, Application & Hybrid Cloud Security, Threat Intelligence

The Many Faces of Bad Bots

Posted by Gene Fay on Sep 1, 2020 7:45:00 AM

Bad bots and malicious automation are one of the few technology challenges that can materially impact on every business team inside an organization. With up to 50% of Internet traffic generated by bots, organizations are awash in a sea of automated visitors. Some bots are benign, others aren’t. Those that aren't can interfere with customer acquisition. They steal data and intellectual property. They erode application performance. They directly defraud businesses.

Read More

Topics: Web, Application & Hybrid Cloud Security, Threat Intelligence

Five Reasons Agentless AppSec is the Right Choice

Posted by Tom Hickman on Aug 26, 2020 8:45:00 AM


I’m a big fan of the ThreatX agentless architecture. It simplifies many of aspects of deployment and side-steps a lot of the problems with agent-based architecture.

Read More

Topics: Web, Application & Hybrid Cloud Security, Threat Intelligence, Company | Product Updates

ThreatX Integrates with Cortex XSOAR by Palo Alto Networks

Posted by Gene Fay on Jul 7, 2020 3:53:56 PM

Today I am proud to announce the integration of the ThreatX WAAP with the Palo Alto Networks XSOAR platform. You can read the official announcement for more details here. This integration is exciting for me personally because it tackles one of the most important issues I see facing enterprise security teams regardless of size or industry. Virtually every organization needs to get more leverage out of their security tools, whether that means arming analysts with critical data or turning that data into automated responses. This integration lets organizations harness the power of the ThreatX’s web application + api protection + bog protection + DDoS attack mitigation (WAAP++) platform for such things as risk scores, entity details, and other insights and leverage that data across the enterprise so that teams can do more, faster. 

Read More

Topics: Web, Application & Hybrid Cloud Security, Company | News

Fighting the AppSec Fight: Don't sell products. Create partnerships.

Posted by Chris Brazdziunas on Mar 18, 2020 9:26:34 AM

It’s been a few weeks since we closed the book on another RSA conference. And as always, it was nice to catch up with old friends, meet new ones, and talk to many of the security professionals who are on the frontlines of AppSec every day.

However, after spending some time on the show floor, one thing really stood out for me: vendors were selling security products, and most attendees were looking for security partnerships.

Every vendor seemingly has a promise for why their technology, products, or features are better than their competitors. But ultimately, it falls to the customers to take a leap of faith, invest in a product, staff the product, and make it deliver on its promises. It is the customer that must do the heavy lifting and take on the risk.

Read More

Topics: Web, Application & Hybrid Cloud Security, Threat Intelligence

OWASP TOP 10: APIs Take Center Stage in Latest List of Priorities

Posted by Chris Brazdziunas on Feb 12, 2020 7:57:58 AM

OWASP recently released the first iteration of the API Security Top 10. Like the ubiquitous OWASP Top 10, the API Security Top 10 delivers a prioritized list of the most critical application security issues with a focus on the API side of applications. This is a critical new tool for AppSec teams that hones in on one of the fastest growing, yet chronically under-addressed aspects of security. In this blog, I’d like to offer you an overview of the API top 10 with comparisons to the OWASP top 10 for web applications.

Read More

Topics: Web, Application & Hybrid Cloud Security, Threat Intelligence

Better Security + More Efficient Ops with a Unified Approach to AppSec

Posted by Chris Brazdziunas on Aug 19, 2019 11:52:55 AM

As the demands of both modern applications and complex threat landscapes have continued to increase, many organizations have been forced to adopt an ever-growing list of new, specialized security tools in an attempt to keep pace. This often includes a mixture of WAFs, anti-bot tools, DDoS prevention, behavioral and analytics tools, intelligence feeds, and more. However, a fractured approach to security is rarely effective and almost never efficient. 

Read More

Topics: Web, Application & Hybrid Cloud Security

ThreatX Labs - Blog

Arm yourself with information and insights on the latest cybersecurity trends to defend against today's most advanced cyber criminals with articles from the leader in SaaS-based web application firewall solutions.

Subscribe Here!

Recent Posts

Follow Me