Andrew Useckas of ThreatX
An exclusive Tech Tribune Q&A with Andrew Useckas, the co-founder and CTO of ThreatX, which was honored in our:
Tell us the origin story of ThreatX – what problem were you trying to solve and why?
Bret and I worked for BMC Software, where we deployed multiple security solutions: Palo Alto Networks firewalls, security incident & event management (SIEM) solutions, and eventually web application firewalls (WAF).
We were repeatedly disappointed by the choice of technologies available in the market at the time. After going through a proof-of-concept (POC) exercise on multiple solutions, we settled on Imperva.
During the initial deployment, we encountered a lot of false positives and had to dumb down the ruleset to detect and block just the most obvious attacks to eliminate some of the noise. Even with the basic ruleset, we could not find anyone to help manage the solution, as BMC didn’t really have any AppSec experts, and they were also hard to find and hire due to a general lack of expertise in the AppSec field.
We knew there must be a better way to do web application security. So, together, we started ThreatX to do just that.
As Bret quotes on the website: “We experienced, first-hand, the lack of coverage for hybrid cloud environments, the poor accuracy and limited intelligence that [traditional WAF solutions] use to identify advanced cyber threats, and their inability to support deep analysis of trends and web application vulnerabilities. So, we built a better solution for web application protection.”
What was the biggest hurdle you encountered in your journey?
With any startup, there are a multitude of hurdles, but I’d have to say that ThreatX’s most formidable hurdle was scalability.
The initial platform was written in Python, which really didn’t work well for collecting real-time events and making decisions in real time, on the fly. So, we decided to rewrite everything in Rust.
We are also an inline solution, and any issue with our sensors could take customer sites down, so we continue to have to be extremely careful – all changes are rigorously tested.
Improvements to our engineering and testing processes have evolved multiple times as the business has grown.
What does the future hold for ThreatX?
Security is a cat and mouse game. We constantly innovate and improve our detection techniques.
What are your thoughts on the local tech startup scene in Louisville?
Louisville is a great place for a startup, mostly due to its location between Denver and Boulder.
We can hire people from both markets without making them commute to downtown Boulder or Denver.
What’s your best advice for aspiring entrepreneurs?
Never give up. If something doesn’t work, throw it out, redesign, and recode it. It is likely that your product, if successful, will be rewritten multiple times.