Threat X, a Denver-based firewall solutions company, has landed $8.2 million in venture capital funding, the company announced on Wednesday.
Threat X provides a software-as-a-service web application firewall (WAF). Its cloud-based threat detection software is deployed on customers’ web applications, where it finds and eliminates threats. The company says its services are highly adaptable to evolving network landscapes, complicated by the mixture of hybrid cloud, web application and legacy environments, as well as APIs for the web, mobile and internet of things.
“The attack surface is very broad,” CEO Brett Settle told CyberScoop. “You’ve got the internet and you’ve got exposure now to virtually anyone in the world that can access your applications. And yet more and more companies are putting more of their business applications either in the cloud or exposing those capabilities to the cloud.”
In a crowded marketplace for WAF services, Settle says what makes Threat X unique its kill-chain based approach. In practice, that means Threat X monitors early-stage suspicious activity in an application and builds a risk profile. It then blocks such activity only when it becomes an actual threat. Settle says that eliminates the occurrence of false positives, which he says happens too often with other providers.
Settle says Threat X came about because the team was “were fairly frustrated with the lack of intelligence and how [other solutions] identified suspicious behavior.”
“You get a lot of false positives,” Settle said. “You get a lot of matching that to the solution looks suspicious, but in reality, it’s just how that application operates.”
Settle said Threat X can be easily deployed onto an application without much customization and uses machine learning to profile the application.
“Our solution can be deployed and within 24 hours is actively blocking and correctly blocking,” he said. “We don’t block until we have a clear audit trail where we know what vulnerabilities trying to access.”
Tech startup-focused Grotech Ventures and Access Venture Partners co-led the Series A funding round.
In the press release, Joe Zell, a partner with Grotech ventures, said that WAF solutions provided by older, more established companies require too much investment for little payoff.
“In most cases the platforms were providing minimal protection and generating significant noise from false positives. With the universal shortage of security expertise, all today’s CISO wants is a solution that can deliver quick and accurate application threat coverage while allowing them to focus their teams on other issues,” Zell said.
Settle said Threat X’s model from a technical perspective is already fairly efficient, so the funding will mostly go to growing its customer base and team.
“This round of funding is really to allow us to go very aggressively at the marketplace with our marketing and our sales efforts and then incrementally grow the technology team alongside it,” he said.