Announcements

Release Date: January 24th, 2023

User Documentation 

We have updated our documentation set to include the following guides:

Overview Guide: Learn about the ThreatX platform, how our technology works, and the visibility and protection our dashboards provide. Click here.

Analyst Guide: For security analysts, the guide discusses the analytical data presented in the dashboards. Click here.

Administrator Guide: Discusses the configurations and settings to be managed by the ThreatX SOC, your local administrator, or both. Click here.

Release Date: January 3rd, 2024

ThreatX mTLS Support

ThreatX now supports mTLS authentications and Tenant configuration. With this new functionality, users can ensure both parties on both ends of their network connections are who they claim to be through mutual authentication. This new feature helps ensure secure and trusted traffic between client and server.

ThreatX mTLS support increases our mission to protect customers globally from sophisticated threats to all APIs and applications through proven technology, advanced attacker & risk analytics, and managed services​ by offering customers a self-service way to authenticate downstream and upstream traffic 24/7.

Release Date: September 6th, 2023

API Catalog Sensitive Data 

ThreatX expands its platform offering with the release of a Sensitive Data enhancement to the API catalog 2.0. The new feature, unveiled at the Black Hat Conference 2023, extends the ThreatX platform into the protection of sensitive information.

The ThreatX Sensitive Data feature enhances the API Catalog by flagging and preventing exposure of sensitive identification information, such as passwords, credit card numbers, social security numbers, Individual Taxpayer Identification Numbers (ITINs), and next generation passports. The feature reports only sensitive data that is in plain text, not partial or obfuscated data, such as ***-**-1234, and it does not store sensitive data due to security and compliance reasons.

Release Date: April 26th, 2023 

Botnet Console and API Catalog 2.0 

ThreatX has expanded its platform offering with the release of a new Botnet Console and API catalog 2.0. These new dashboards, unveiled at RSA Conference 2023, will help security teams rapidly investigate automated threats and attempts to abuse APIs with enhanced metrics, analytics, and visualizations. 

The Botnet Console provides security teams with a powerful view for monitoring botnets and other forms of malicious, automated traffic. With its enhanced visibility, security teams can quickly identify and respond to changing automated threats before APIs and applications are affected or breached. Given the increasing use of bots to carry out volumetric attacks, such as credential stuffing, account takeover, and DDoS, the fully integrated Botnet Console is a necessity for maintaining a strong security posture in today’s threat landscape. 

The API catalog 2.0 offers security teams a comprehensive solution for managing APIs and investigating attackers targeting them. With its redesigned dashboard and advanced analytics, ThreatX’s API catalog 2.0 empowers security teams to investigate threats with the confidence of knowing that real-time, risk-based blocking has already thwarted attackers. 

Release Date: September 12th, 2022 

Single Sign On – Azure AD B2C 

ThreatX is increasing security for our customers by providing the option to use Single Sign On (SSO) using SAML integration for Azure B2C.

Release Date: August 15th, 2022 

Search, Sort, Filter Capability – Attack Dashboard 

The Threat Entities table in the Attack Dashboard now has new functionality allowing users to search, sort, and filter the data by specific columns and criteria. To learn more about the Attack Dashboard, visit Using ThreatX. 

Release Date: June 22nd, 2022 

Allow List / Deny List Expiration: IP Address 

ThreatX users are now able to set an expiration date for an IP address that has been added to the allow or deny list. This enhancement provides clarity on the exact timeframe that an IP address will be on the allow or deny list.  

Release Date: April 22nd, 2022 

GraphQL Profiling – API Defender 

ThreatX now supports API Discovery for GraphQL endpoints to provide visibility into web applications utilizing the alternative API protocol. GraphQL endpoints will be profiled at the site and endpoint level within ThreatX’s API Defender.  

Customize OpenAPI Schema 

Schema customization is now available in ThreatX’s API Defender. This functionality provides users the ability to fine-tune and add API endpoints that aren’t already included in their uploaded API schema specification files, to an existing schema or append to a new API schema. To learn more about API Defender, visit Using ThreatX 

OpenAPI Schema Export  

ThreatX users are now able to export their Open API schema from the API Defender, Schema Management page. 

Release Date: March 29th, 2022 

Schema Compliance 

ThreatX’s API Defender dashboard includes major enhancements to expand visibility into API traffic analytics, error code summaries, and the ability to visualize all API schema conformance to compare which API traffic is expected vs. an anomaly against the organization’s API specifications. Some of the latest capabilities allow users to upload, manage, and cross-compare API traffic by schema conformance to understand risk across their organization’s attack surface. Users can customize their organization’s schema on the fly or create API-centered protection rules.  

Release Date: March 29th, 2022 

Rebranded – API Catalog 

ThreatX has rebranded what was previously known as API Catalog to API Defender. Our API Defender dashboard does more than catalog APIs; it brings together API discovery, observability, and the context needed to understand an organization’s entire attack surface against what is being seen in the wild. To learn more about API Defender, visit Using ThreatX 

Release Date: March 29th, 2022 

API and Web Filtering – Attack Dashboard 

Filtering by API or Web traffic is now available in the Top Targets view of the Attack Dashboard. Users can easily filter by which aspects of their Web Application is being heavily targeted for detailed visibility into the attacker’s perspective. To learn more about the Attack Dashboard, visit Using ThreatX 

Release Date: February 18th, 2022 

Endpoint Filtering – API Catalog 

Endpoint filtering is now available via the API Catalog. Users can quickly identify which endpoints are active and inactive for a specific time range using the Total Requests filter.  This filter option also provides a total count of active and inactive endpoints for the specific time range selected. To learn more about the API Catalog, visit Using ThreatX  

Release Date: December 8th, 2021 

Entity Overview – API Catalog 

Each API endpoint can be targeted by multiple entities. To provide visibility into each entity and endpoint, we’ve included an Entity Overview for each endpoint listed in API Catalog. This view provides details into each entity’s risk, classification, and other attributes associated with the type of attack being performed, IP addresses, ThreatX’s block state and more. To learn more about the API Catalog, visit Using ThreatX 

Release Date: October 25th, 2021 

API Profiling/Endpoint Statistics – Attack Dashboard 

This release provides new functionality around identifying profiled APIs seen in match event activity and a new Endpoint Statistics tab on the Entity Details Page. In the Endpoint Statistics tab, users can preview which API and non-API endpoints are the most targeted per entity. To learn more about the Attack Dashboard, visit Using ThreatX 

Release Date: October 4th, 2021 

Feature Enhancements – Attack Dashboard 

IPs can now be bulk uploaded to the blocked, denied, allowed, and ignored lists. Users can find this functionality in the Lists page in admin tools. Additionally, RPS stats have been added to the Attack Dashboard under the high-level summary for all requests and blocked requests. To learn more about the Attack Dashboard, visit Using ThreatX 

Release Date: September 8th, 2021 

New Interface – Attack Dashboard 

This version of the ThreatX Attack Dashboard includes feature enhancements to view real-time traffic or explore historic traffic and attack data in depth. Both real-time and historic traffic views are now supported in one easy to use page, bringing ThreatX traffic to life with this new interface. Observe the benefits of your web application and API protection from ThreatX with modern time driven visualizations of your request and attack traffic. To learn more about the Attack Dashboard, visit Using ThreatX 

Release Date: July 30th, 2021 

Advanced SSL Configuration 

This release provides users with the ability to select advanced SSL configuration options for sites protected by the ThreatX Platform. Users can navigate to the Sites page within Admin settings to select advanced SSL configuration for specific sites.  

Release Date: May 26th, 2021 

General Availability Support – API Catalog 

This version of the ThreatX Dashboard includes features and improvements intended to establish General Availability for the new API Catalog page. The API Catalog page codifies and summarizes the API surface area of systems being protected by ThreatX. While API endpoints have always been protected by ThreatX’s best-of-breed Web Application & API Protection, the API Catalog page provides administrators with an enhanced level of insight and analysis into their API attack surface, derived from actual traffic.