CEOCFO Magazine, PO Box 340
Palm Harbor, FL 34682-0340
Phone: 727-480-7070



Business Services | Solutions
Medical | Biotech
Cannabis  | Hemp
Banking | FinTech | Capital
Government Services
Public Companies
 Industrial | Resources

Clean Tech  
Global | Canadian

Lynn Fosse, Senior Editor

Steve Alexander, Associate Editor

Bud Wayne, Marketing
& Production Manager

Christy Rivers - Editorial Associate


Print - PDF  Mobile - PDF

ThreatX Delivers the Functionality of WAFs, API protection, BOT Management and Layer 7 DDoS Mitigation in a Single Platform

Gene Fay




(888) 303-5580

Interview conducted by:

Lynn Fosse, Senior Editor

CEOCFO Magazine

Published – July 7, 2020

CEOCFO: Mr. Fay, what is the concept behind ThreatX?  

Mr. Fay: ThreatX is a Web Application and API Protection (WAAP) platform that also performs Bot management and DDoS mitigation. So, we call ourselves a WAAP++ platform. We help small-to-medium as well as large enterprise clients around the globe protect the apps and APIs that run the world.

CEOCFO: How does your approach to achieving protection differ from other methods?

Mr. Fay: Most companies today have deployed Web Application Firewalls (WAFs) to protect web application assets. WAFs have been around for a long time but are quite difficult to deploy and maintain and can be very expensive. ThreatX was built from the ground up to address inherent shortcomings in traditional and legacy WAFs. ThreatX is a single platform that delivers the typical functionality of WAFs, plus API protection, BOT management and Layer 7 DDoS mitigation. This comprehensive coverage means our customers can increase security while decreasing complexity and overhead.

CEOCFO: What was the challenge in putting all these pieces into one solution?

Mr. Fay: Our co-founders, Bret Settle and Andrew Useckas started the company because they saw a real opportunity to eliminate frustrations they’d experienced while implementing numerous web application security solutions at various companies. After designing and developing a web application protection platform that was easy to deploy and maintain, they added additional functionality to address even more use cases like API protection, Bot management and DDoS Layer 7 mitigation. These additional use cases were in response to customer-driven requests to expand the platform beyond traditional WAF capabilities.

CEOCFO: Are companies looking for a better solution today?

Mr. Fay: As companies of all sizes begin migrating their operations to the cloud, they see web application security--and the complexities associated with it--as a problem that will only get worse if they stick with conventional approaches. This realization that there has to be a better way can be seen across verticals, geographies and company size.

CEOCFO: What is involved in a ThreatX implementation?

Mr. Fay: Deployment is one of our biggest differentiators when it comes to implementation. Andrew, our CTO and co-founder smartly chose a Docker/container methodology that allows ThreatX to be installed and put into blocking within hours, if not a couple of days. In contrast, traditional/legacy WAF deployments often take weeks to months, and sometimes even years. There are even cases where legacy WAFs never get fully deployed because of the difficulties and complexities of the technology.

ThreatX is easy to deploy via a simple reverse proxy. Customers can point to our cloud and start protecting their web applications. And, all our clients go into blocking mode, which is not typical with legacy WAFs because of their potential to block good traffic. ThreatX’s approach results in our customers experiencing orders of magnitude fewer false positives and fewer false negatives.

CEOCFO: Do you find some trepidation from potential customers about starting something new?  How do you ease some of the concern?

Mr. Fay: One advantage we have is that many security teams are currently very frustrated with their existing legacy/traditional WAFs. That makes them more receptive to change and better able to consider a new approach. As web application experts, we can confidently demonstrate why a new approach is needed. It is about educating the market around a fundamentally better solution; one that is easier to deploy, easier to maintain, and just flat out works.

CEOCFO: How do you reach out?

Mr. Fay: We are still a relatively small organization, so we have been doing a lot of traditional marketing, a lot of inbound marketing, as well as engaging our clients through referrals. We announced our “Refer-a-Friend” program a couple of months ago and that has been doing really well to help spread the word about our technology.

CEOCFO: What attracted you to ThreatX?

Mr. Fay: First, it was the ThreatX’s customers. Our retention rates are high; some of the best retention numbers I have ever seen. And, we also have impressive expansion numbers. When customers buy our technology, they tend to buy more of it over time, which is the best indicator that they’re happy with our platform and services. But we know we need to keep working at this every day.  

Second, the team. The people on our team are passionate about making the world a safer place and building the best products possible. There is a great deal of enthusiasm, passion and commitment that makes this a great place.

Lastly, there is the overall market opportunity itself. Companies around the world are exposing more and more web applications and APIs to the outside world. All of that business infrastructure can introduce risk and must, therefore, be protected. The ThreatX platform is elegant and simple to deploy, yet super powerful. Research shows that companies often protection only 10-15% of their applications using legacy/traditional WAFs. That leaves 85%-90% exposed and vulnerable. Because of ThreatX’s ease of deployment, our customer can quickly protect all of their applications, drastically improving their protected footprint. It is truly a game-changer.

CEOCFO: What did you learn when you actually came onboard that surprised you?

Mr. Fay: I’ve joined many startups only to find that the product was not as mature as I thought, or the culture was dramatically different than I originally anticipated. At ThreatX, the biggest surprise is that there was no big surprise. I describe it as a rose that keeps opening up and things keep getting better and better as I uncover more and more potential. The team has more potential. The market has more potential. So, the biggest surprise is that there has not been a big surprise.

CEOCFO: What if any effect has COVID had on the company?

Mr. Fay: The team has been resilient. We are a tech company and we are tech-enabled. So, between Zoom and SharePoint, I don’t think we miss much. From a sales and customer support perspective, we have been able to service our prospects and provide remote support to our existing clients. Certainly, it has had an impact in terms of some of our acceleration, but we have been able to optimize around it. I think we have proved that we can be resilient as an organization.

CEOCFO: Are you seeking funding, partnerships and investments?

Mr. Fay: Yes, we are. We are actively working to secure funding and I am happy to say that we have some strong interest from some noteworthy investment firms.

CEOCFO: What is the timetable and what do you see for the next year or so at ThreatX?

Mr. Fay: ThreatX’s goal is to get our WAAP++ platform deployed in as many great companies around the world as possible and build a culture for our employees that enables them to love what they do and collaborate with clients to protect web applications and APIs, manage Bots and mitigate DDoS attacks.

Over the next couple of years, we plan to grow the team and the customer base. We are focused on making this a very successful venture and think we are at the inflection point to accelerate the business because of the robustness of the technology and the types of clients we attract.

ThreatX, Web Application and API Protection, WAF Protection, AppSec Tools, Bot Management, DDoS Mitigation, Gene Fay, ThreatX Delivers the Functionality of WAFs, API protection, BOT Management and Layer 7 DDoS Mitigation in a Single Platform, application security, WAAP, AppSec as a Service, SecOps Insights, Web Application and API Protection Platform, WAAP platform for hybrid cloud environments, threat lifecycle prevention, ThreatX Press Releases, News, Twitter, Facebook, Linkedin

“ThreatX was built from the ground up to address inherent shortcomings in traditional and legacy WAFs. ThreatX is a single platform that delivers the typical functionality of WAFs, plus API protection, BOT management and Layer 7 DDoS mitigation. This comprehensive coverage enables our customers to increase security while decreasing complexity and overhead.”
Gene Fay