The Proliferation of Web Application Attacks – “Ain’t Nobody Got Time for That!”

PUBLISHED ON July 2, 2018
LAST UPDATED March 22, 2022

Today, security teams are challenged to protect the large attack surface created by complex application environments. Mix in APIs and microservices and it has become nearly impossible for security teams to adequately manage the multiple security products required or conduct manual threat analysis. So what’s the solution? 

WAF security teams are overburdened

Web application attacks are on the rise and show no signs of slowing. According to a recent report, the IT and Finance industries saw the highest average of daily web application attacks at 900.* Some speculate that this is a result of the proliferation of cloud-based apps and the growing complexity of application environments. Others point to the inability for legacy solutions to adapt to these changing circumstances.

“Legacy WAFs have a history of complexity and false positives, which often means they are not deployed widely enough, leaving application portfolios exposed and placing large burdens on security teams,” stated Michael Suby, Stratecast VP of Research at Frost and Sullivan. Perhaps it’s a bit of both. But no matter the cause, organizations are still hunting for a solution.

“In today’s dynamic threat environment, security teams struggle to put together a comprehensive web application security approach, often deploying several standalone products that simply can’t provide a holistic view into vulnerabilities and threats,” says Bret Settle, CEO of ThreatX. The result is an unfortunate trend of exposed data, downed systems, and overworked security teams…..successful businesses don’t have time for that

Bret and the other founders of ThreatX experienced the struggle and frustration associated with adequately protecting web applications first-hand. It was their experience that motivated them to develop a “best of breed” web application security solution. Since its inception in 2014, ThreatX has tirelessly developed and refined its behavior-based web application firewall solution to deliver accurate, real-time, reliable threat detection and neutralization for its customers. “It’s not about what we THINK our customers want, it’s about truly understanding what they NEED,” says Settle. And just last week, we announced the addition of key capabilities based on the expressed needs of our customers, including:

  • “Attacker Centric” dynamic detection and neutralization capabilities: With enhanced DDoS Mitigation and Bot Detection capabilities now included in its behavior-based attack profiling, ThreatX can detect and neutralize with high precision layer 7 attacks, OWASP top threats, Bots, DDoS, and zero-day attacks. ThreatX also features new site and application profiling to help companies block many key exploits of attacks, long before they become an issue. 
  • Container based, native-cloud and SaaS deployment: With continuous innovation in cloud-native and on-premise deployment capabilities, ThreatX customers can now deploy sensors in minutes via SaaS, or Docker native containers in public or private clouds. Once deployed, ThreatX can begin accurately blocking attacks in a matter of hours, providing total coverage and visibility across all web and cloud applications, APIs, and microservices.
  • Advanced Edge Caching and site performance tuning: With new static and dynamic resource caching, image optimization, inlining and manual cache purging, ThreatX’s latest release addresses customer impacting performance issues prevalent in slower, back-end applications and content-heavy web properties.
  • ThreatX Labs operations center: With its new Colorado location, ThreatX Labs extends security team capabilities with proactive identification of target vulnerabilities, and 24×7, expert responses to high-risk events, freeing customers to focus on their core business with the confidence that their application security is addressed.

These new capabilities capitalize on machine learning and attacker profiling to automate the precise detection and neutralization of advanced threats, ultimately freeing up security teams to focus on top risks and overall security strategy. 

This is just the beginning. Customers can expect to see a steady stream of new capabilities as the application environment changes – and ThreatX adapts. Have questions about the solution or want to learn more, contact us today.

*Positive Technologies Web Application Attack Statistics – 2017 in Review   

Learn more about Threat X

About the Author

Mackenzie Jacobson

Mackenzie is the Senior Manager of Digital Marketing at Threat X. She is a detail-oriented marketing professional with experience in B2B strategic marketing development, implementation, and analysis. Through highly-targeted, demand generation campaigns, Mackenzie is committed to bridging the gap between interested prospects and solutions providers, and does so through web, SEO/SEM, email, social, and display advertising campaigns. She has held prior roles managing global demand generation campaigns at a digital marketing agency, tech startups and Fortune 500 company.