Embedded in the ThreatX SOC: My First 30 Days

PUBLISHED ON September 16, 2019
LAST UPDATED March 18, 2022

I joined ThreatX’s SOC as the Director of Security about 30 days ago now, and as with any SOC, days are hectic.  In some cases, nights are too. Even so, one of my first objectives at ThreatX was to meet with a few current customers to gather feedback from them about what is working, and what isn’t. 

I anticipated that I would be “selling” the value of our SOC, making sure they were fully utilizing our services. I wanted to hear their concerns so that we could find ways to improve our current processes. 

I was surprised with the feedback I received. Instead of hearing a list of things we could have done better, which is what I’d expected, I heard sincere gratitude.  During that first week alone, I heard specific examples from three separate customers that illustrated the value they believed they’re getting and the appreciation they have for ThreatX’s SOC.   

The first customer that I interacted with, a large healthcare management organization, has an internal NOC and team of network security staff, but no application security expertise and therefore no one that deeply understands modern threats targeting APIs and other web applications. ThreatX’s SOC fills that knowledge gap to ensure that this customer’s perimeter applications are secure from threats while simultaneously allowing legitimate traffic to traverse unblocked.  As more and more devices are connected to the internet and external APIs become more popular, it is crucial that organizations have access to AppSec expertise. Due to the talent drought that currently exists in cybersecurity, AppSec talent can be very hard to come by: supply is far from meeting the market’s demands. 

The next customer I spoke with, a Technology Services company in the Fortune 1000, was thrilled about having ThreatX serve as an extension to their team and be trusted advisors when questions arose. They are not sufficiently staffed to implement WAF, investigate requests and entities that are being blocked, and work with the application development team when things are misconfigured or unavailable on their applications.  The fact that ThreatX’s SOC team routinely performs these activities for customers is a huge win for them, and it means they can focus their limited staff elsewhere. And, as a global organization, they love the near-instant response times for tickets and 24x7x365 access to the ThreatX SOC. 

The third customer, a large IT Service Management company, said, “ThreatX just works.” He continued, “There’s no way we would have been able to onboard so many applications so quickly with any other WAF”. Unsurprisingly, they also highly value the attention that they receive from ThreatX’s SOC team when they need it.  As an example, our team was on 12 hours of calls with this customer over the course of my first two days at ThreatX. The customer explained that the ThreatX SOC doesn’t simply close tickets, but always follows through with all requests until completion.    

Consistently exceeding customer expectations 

Exceptional support is rare in the current security market.  Let’s face it, even acceptable support is lacking in many cases.  As a result, I was delighted to hear that ThreatX was consistently exceeding customer expectations and had a reputation for success. Customers rightfully expect ThreatX to maintain near-instant response times for tickets and get resources on the phone as quickly as possible to thoroughly resolve their issues. I am unconditionally dedicated to ensuring that ThreatX’s SOC team continues to deliver on that expectation.   

The goal of any managed SOC is to provide customers with expert resources to extend their existing internal resource pool.  Hearing the confidence that is placed in our SOC validated the fact that ThreatX is already doing a lot of things very well and has placed a strong emphasis on customer success. Below is a list of items we provide that have been consistently referenced as huge successes for our customers:  

  • Application security focused analysts and engineers to proactively warn of malicious actors and mitigate threats in real-time 
  • Virtual patching of zero-day attacks targeting customer applications that have been noticed across our entire customer base 
  • Security expertise available 24/7 so that customers know we’ve got their backs if unexpected behavior is observed. We’re committed to delivering availability and responding to urgent issues within minutes, 24x7x365.

My first 30 days at ThreatX have reaffirmed my decision to join this exceptional company and team. ThreatX is already held in high regard by our customers, and I couldn’t be more excited about the future here.  Customer success is the key to converting a great product into a great company, and that is ingrained in the culture here at ThreatX, from executive leadership down through every individual contributor.  I’m excited to bring my background and experience to ThreatX, and look forward to continuing to build and shape ThreatX’s SOC in a way that supports our customers’ business objectives and protects their many web applications.

While I’m encouraged by the positive customer feedback I received, I recognize there is always room for improvement.  If you’re a current ThreatX customer and have feedback or suggestions related to our current SOC processes and procedures, please reach out to me at sean.zoske@threatx.com.  I’d love to set up a call and discuss a path forward for improvement that works for you. 

About the Author

Sean Zoske

As director of security at ThreatX, Sean Zoske leads the security operations center to guarantee successful implementations and ongoing operations for the customers of ThreatX. Prior to joining ThreatX, Sean was a manager on the cyber integration & innovation team at Optiv Security, the largest pure-play security solutions integrator in the world. Sean has an extensive background in security intelligence and operations consulting, having managed the implementation of new technologies and processes for well over 100 organizations in recent years, including many of the Fortune 500.