Bret Settle, Co-Founder & CEO, ThreatXBret Settle, Co-Founder & CEO
In today’s expanding threat landscape, traditional forms of web application security lack the sophistication to thwart advanced cyberattacks. The market needs solutions that help enterprises proactively recognize and mitigate potential threats before they strike. ThreatX, a security company founded by Bret Settle and Andrew Useckas, offers a next-generation web application firewall (WAF) that performs automated behavior profiling of attackers and web applications to detect and neutralize real-time threats in hybrid cloud environments. The rapidly deployable ThreatX platform provides WAF security to protect not only websites, but also APIs, cloud apps, and microservices. In an interview with CIO Applications, Bret Settle, co-founder and CEO of ThreatX, discusses how his company is ushering in the 'new era of web application security.'

Give us the back story of ThreatX.

As an experienced CTO, I have managed multiple technology groups and security teams and have overseen the assessment of security postures and the deployment of multiple security solutions. The legacy WAF solutions, however, lacked sophistication and used static rules/ signatures. As a result, they leverage only a small amount of data to identify and block attacks, which generated numerous false positives and greatly hindered decision-making. Clearly, innovation in the security domain was years behind compared to the current state of dynamic business apps and cloud technologies. This, coupled with the security talent crunch, has made it challenging (if not impossible) for organizations to efficiently manage their application security strategy.

Moreover, with the security industry dominated by Fortune 500-1000 companies, small firms lacked the financial resources, staff, and skill sets to adopt and manage security solutions. To tackle these limitations, Andrew and I founded ThreatX in 2014. Centered on user analytics and quality data, ThreatX tracks a threat actor's interaction with an application and builds risk profiles to detect and neutralize cyberthreats proactively.

Describe your solution to us highlighting its value in today’s complex security expanse.

ThreatX is a next-gen, cloud-based WAF that can be easily and rapidly deployed in legacy and hybrid cloud application environments. Our customers are typically in accurate, full blocking mode within a few days and are not subjected to the burden of maintaining signatures and constant tuning and analysis. Our platform focuses on the IP address of the user and how that IP interacts with applications by continuously reading and analyzing data coming in from various sources. Instead of blocking a user immediately, we gather enough information to paint a complete threat picture before initiating any blocking action, which greatly reduces false positives and helps ensure only malicious traffic is blocked. Our automated attack trail allows us to track the attacker, the techniques they are using, along with the apps and other components targeted. Then, we educate customers on their vulnerabilities, give insights on the level of their sophistication, and help them make swift security decisions.

Tell us about your client engagement strategy.

One of the unique aspects of our solution is that it can be deployed in a reverse proxy mode. That means, users can redirect their application traffic to our platform where it is quarantined, and the threat-free traffic is directed back to their application. Our container-based solution can be deployed in either a hosted cloud environment or on-premises, regardless of the customer’s location. The platform processes the data and a small amount of anonymized metadata is used to correlate and identify attacks much faster for customers across various technologies, and we then arm them with highly actionable recommendations.

As enterprises build and connect more applications and migrate them to the cloud, they must focus on securing a large attack surface from evolving threats with very limited resources. ThreatX is empowering our customers to address sophisticated threat landscapes with greater precision and lower burden

To get customers started, we initiate two-week trials, during which time we conduct a proof of concept. Besides quick deployment, the solution provides information that is specific to each attacker, including the details of their risk levels. We share this data with the customer and walk them through the multiple components of risk and the vulnerabilities that our platform identifies. The bundled information is then put into context where we compare how the customer scored on various technologies that were tested and empower them to fill the security gaps in their applications.

We also offer a managed service, which helps over-burdened security teams gain expertise and visibility across all of their applications and technologies. The SOC monitors and evaluates the applications and guides them in countering sophisticated attacks.

Give us a case study where you helped your client overcome the hurdles through your solution.

A large healthcare organization that was utilizing a well-known legacy WAF solution was struggling to manage the constant tuning of the rule-sets inherent in legacy WAFs. The organization’s global presence required them to deploy applications multiple times across geographies. As a result, the operational burden on their security teams to maintain and tune protection for the applications in each region was enormous. They wanted a cloud-based solution that enabled them to manage not just their on-premises applications, but also, multi-cloud apps. In addition, they wanted it to be easy-to-deploy and manage while still delivering detailed information on their overall attack posture.

We replaced their legacy WAF with the ThreatX WAF and quickly supported their expansion into the cloud across all their geographies. The customer could leverage the ThreatX dashboards to see which entities were attacking them as well as the applications that were vulnerable to various types of attacks. They initially implemented our solution for a smaller footprint that covered around 30 applications, and seeing how accurate our solution was and how quickly we could scale up, expanded their implementation with a full enterprise license to cover over 100 applications.

What does the future hold for ThreatX?

We help enterprises across various industries including healthcare, ecommerce, and media. Apart from the U.S, Australia, and Europe, we have customers with a large geographical footprint that are taking advantage of our ability to scale rapidly across geographies and applications. We are now providing even more capabilities and automation through our platform, including BOT and API protection capabilities so we are providing our customers with full attack spectrum coverage.