VMblog: If you were giving a KubeCon attendee a quick overview of the company, what would you say? How would you describe the company?
Dave Howell: ThreatX provides managed API and application protection, from the edge to runtime. Most customers we work with are moving apps and workloads to the cloud, and this introduces a whole new set of security challenges. We built our platform to give customers the ability to protect APIs and apps in this context. Our managed services are also a huge value add, as our Protection-as-a-Service team acts as an extension of our customers' security organization.
VMblog: Your company is sponsoring this year's KubeCon + CloudNativeCon event. Can you talk about what that sponsorship looks like?
Howell: We could not be more excited to be part of KubeCon this year! This is ThreatX's first time exhibiting at the show, and we chose to participate after launching a new solution, ThreatX Runtime API & App Protection (RAAP), earlier this year. RAAP is specifically built to protect APIs and apps against runtime threats within Kubernetes environments. Given this, we thought KubeCon would be the perfect venue for us to meet customers and demo some of the cool new capabilities we have to offer.
VMblog: How can attendees of the event find you? What do you have planned at your booth this year? What type of things will attendees be able to do at your booth?
Howell: We are going to be on the exhibit floor throughout the show, talking runtime API & app protection to anyone who's up for it! Our lead product manager, Tyler Hill, is responsible for our RAAP solution; he'll be there Wednesday and Thursday next week. Tyler is a great guy to talk with about how we think about API protection in the context of Kubernetes; he'll also be ready (and excited!) to demo the platform. Our CEO, Gene Fay, will also be there. He's a great leader to connect with, as well.
We also recently published a new guide - "All You Need to Know About Protecting Against Runtime Threats to APIs and Applications." We'll have copies in the booth for anyone interested.
VMblog: What kind of message will an attendee hear from you this year? What will they take back to help sell their management team and decision makers?
Howell: I think the main thing we would encourage attendees to consider: do you have a handle on your API and app attack surface - and can you protect these assets across complex, cloud environments?
None of this is easy. As apps and workloads move to the cloud, these assets and the APIs that connect them face new threats. East-west cloud traffic, zero days that evade edge defenses (Log4J is a good example), and insiders all increase risk. It's important to get a handle on your attack surface, and to get the right security strategy in place.
VMblog: Where does your company fit within the container, cloud, Kubernetes ecosystem?
Howell: ThreatX fits into the security domain within the broader Kubernetes ecosystem. If you are a Kubernetes house, and have APIs and applications you need to protect, we're a great company to speak with.
VMblog: KubeCon + CloudNativeCon is typically a great venue for a company to launch a new product or an update to an existing product. Will your company be announcing anything new? If so, can you give us a sneak preview?
Howell: Great question! And, yes, we are excited to use KubeCon as the launch venue for new capabilities we've built. We are happy to get into more detail at the show, but at a high level some of the new stuff we're offering our customers:
- Correlation of network edge transactions (requests and responses) with runtime events within K8 environments
- Blocking malicious traffic and high-risk runtime events in real-time - this is a huge differentiator for us.
- Providing a unified view of risk from the edge to runtime, with dashboards designed for execs, such as CISOs, as well as those that support what a threat hunter or analyst might need to do their job.
VMblog: Do you have any advice for attendees of the show?
Howell: Meet as many people as you can and have fun! These shows are great opportunities to check out what's out there and what's new. Make the most of it. And, hopefully ThreatX will be part of your KubeCon experience. I'll be there and would love to meet you.