This Way to WAAP

PUBLISHED ON July 23, 2020
LAST UPDATED March 18, 2022

I’m excited, y’all! We’ve just published a cool piece of content that everyone with an interest in AppSec should take a look at. 


It’s about the emerging security sector known as WAAP. The white paper gets into the term, and a bit of the history and evolution in the security industry that led Gartner to coin the term WAAP (Web Application and API Protection), and the evolution to WAAP to highlight the ensemble detection capabilities necessary in an AppSec platform. 


It’s gratifying to see both security analysts and practitioners affirming the vision on which ThreatX was founded. What’s needed is evolutionary growth from next-gen WAFs:

  • evolution that responds to evolving threats,
  • evolution that creates new defense strategies that combine complexity with multi-faceted analysis
  • evolution that makes it easier to stay one step ahead of the bad guys

Bret Settle and Andrew Useckas our founders, who currently wear Chief Strategy Officer and Chief Technology Officer hats respectively were prescient in their vision that any viable security platform needs massively expanded scope and depth. And it’s cool that they started building that before the “sector” was named by Gartner.  

It’s also gratifying that I’m working at a company that meets the buying criteria of almost every security practitioner I’ve talked with or sold to over the last two decades vendor consolidation. Fractured and highly-faceted point-fix solutions make hard problems even more complicated, and many times I’ve heard “vendor consolidation” identified as a key buying criteria.  


Our WAAP platform puts a check in that box for sure! It also checks a bunch of other boxes, and I think it’s worth checking out if you’re on the wall for your enterprise, securing your application portfolio.

The white paper explains more about what we do and how we do it, and will really help you grok this emerging sector! It’s worth the investment in time for that alone, because WAAP is here to stay! 

You can download the WAF to WAAP | A 3-Step Plan to Modernize Your AppSec here.

About the Author

Tom Hickman

Tom has a long track record of building and scaling product delivery capabilities at mid- and growth-stage startups. He served as the VP of Engineering at Edgewise Networks, where he led engineering through early releases of Edgewise’s zero-trust micro-segmentation product. While at Veracode, a leader in AppSec, Hickman led engineering through an Agile transformation and helped the company become a true multi-faceted AppSec platform prior to its acquisition by CA Technologies in 2017. Tom holds a B.S. degree in mechanical engineering from the Georgia Institute of Technology.