ThreatX

ThreatX provides a unified platform for API and application security, focusing on observability, vulnerability prevention, and threat protection. The company’s mission is to fundamentally change how applications and APIs are built and secured by offering real-time protection against a wide range of cyber threats. This includes DDoS attacks, botnets, API abuse, and zero-day attacks. ThreatX aims to eliminate these risks for its clients without adding complexity, allowing them to secure their digital assets with confidence.

In the market, ThreatX is recognized as a leading and fast-growing technology company in the API and application protection space. It has been identified as a Representative Vendor by industry analyst firm Gartner. The company is trusted by businesses across various industries to protect their APIs and applications 24/7. ThreatX’s approach is described as attacker-centric, utilizing behavioral analytics and AI to identify and block malicious actors in real-time, which distinguishes it from traditional, rule-based security solutions.

Offerings, Capabilities, and Integrations

ThreatX offers a unified platform for API and web application protection that provides real-time visibility, vulnerability prevention, and threat protection. Its core capability lies in its attacker-centric approach, which analyzes behavior over time to identify and block malicious actors, rather than relying solely on signature-based detection. This allows ThreatX to defend against a wide range of threats, including DDoS attacks, complex botnets, API abuse, and zero-day vulnerabilities. A key differentiator for ThreatX is its managed service component, providing customers with 24/7 access to security experts who monitor threats and manage the platform. This combination of technology and human expertise helps to reduce the burden on internal security teams. ThreatX’s platform is designed for multi-cloud and hybrid environments and integrates with various tools, including SIEM and SOAR platforms, to enhance an organization’s overall security posture.

Products and Services

ThreatX’s primary offering is its Web Application and API Protection (WAAP) platform, which is delivered as a cloud-native service. In early 2025, A10 Networks acquired the assets of ThreatX, incorporating its WAAP solution into the A10 Defend portfolio as ThreatX Protect. The platform’s services can be broken down into the following key areas:

• API Attack Protection: This is a flagship service for ThreatX. It discovers and protects all APIs, including those that may be unknown to an organization (rogue or zombie APIs). The platform enforces schema compliance and protects against a variety of API-specific threats.
• Web Application Firewall (WAF): ThreatX provides next-generation WAF capabilities to protect against common web-based attacks, including the OWASP Top 10.
• Bot Management: The platform accurately identifies and blocks malicious bots and botnets in real-time while allowing legitimate traffic to pass through. This helps prevent attacks like credential stuffing and account takeover.
• DDoS Protection: ThreatX offers protection against Layer 7 DDoS attacks targeting web applications and APIs.
• Protection-as-a-Service: This managed service provides customers with a team of security experts who monitor threats, fine-tune protections, and provide support 24/7.

Target Customers

ThreatX targets a broad range of industries that rely heavily on web applications and APIs for their business operations. These include sectors such as financial services, retail, healthcare, and technology. The company’s solutions are designed for enterprises of various sizes that face a high volume of sophisticated cyber threats. Target customers are often organizations looking to secure their digital assets without dedicating extensive internal resources to managing complex security tools. These customers benefit from ThreatX’s managed service, which provides expert oversight and reduces the operational burden on their security teams. Organizations undergoing digital transformation and expanding their use of APIs find value in ThreatX’s ability to discover and protect their growing attack surface. Ultimately, ThreatX serves businesses that need to ensure the availability and security of their critical online services to maintain brand reputation and customer trust.

Cloud Integrations and Marketplaces

ThreatX offers cloud-agnostic protection for APIs and applications, with flexible deployment options for multi-cloud and hybrid environments. The platform has a presence on major cloud marketplaces and provides integrations to protect workloads across different cloud providers.

• Microsoft Azure: ThreatX is available on the Microsoft Azure Marketplace. It offers ThreatX Protect, an API and application protection platform that defends against threats such as DDoS attempts, bot attacks, and API abuse. A ThreatX WAF solution is also available, which integrates with Microsoft Sentinel.
• Amazon Web Services (AWS): ThreatX provides its TX Protect sensor as an Amazon Machine Image (AMI) on the AWS Marketplace. This allows for the deployment of application security within AWS Virtual Private Clouds (VPCs).
• Google Cloud: For Google Cloud, ThreatX provides a WAF Sensor as a GCP image. This sensor can be deployed in Google Cloud environments and supports high-availability configurations behind a Google Network Load Balancer.

Key People

• Chief Executive Officer, Board Member: Gene Fay.
• Co-Founder, Chief Product Officer and Board Member: Bret Settle.
• Co-Founder: Andrius Useckas.
• Chief Revenue Officer: Michael Connolly.
• Chief Financial Officer: Libby Merrill.
• VP, Business Development: Mike Rogers.
• Board Member: Tom Axbey.
• Board Member: Steve Fredrick.
• Board Member: Greg Dracon.
• Board Member: Frank Medicino III.

Key Facts

• Headquarters Location: Boston, MA
• Number of Employees: 25-100
• Annual Revenue: $10M-$50M
• Parent Company: A10 Networks.
• Subsidiary Companies: None
• Publicly Listed: No.

Analyst Recognition

Gartner has recognized ThreatX in the Web Application and API Protection (WAAP) category. Specifically, Gartner has included ThreatX in the following reports:

• Gartner Magic Quadrant for Cloud Web App and API Protection (WAAP): ThreatX was recognized in the 2022 report.
• Gartner Magic Quadrant for Web Application and API Protection: ThreatX was named a Visionary in the 2021 report.
• Gartner Market Guide for Cloud Web Application and API Protection: ThreatX was recognized as a Representative Vendor in the November 2023 guide.
• Gartner Hype Cycle Reports: In 2023, ThreatX was identified as a Sample Vendor in the Hype Cycle for Application Security, the Hype Cycle for APIs, and the Hype Cycle for Workload and Network Security within the Cloud WAAP and API Threat Protection categories.

There is no information available indicating that ThreatX has been recognized by Forrester, IDC, or Everest Group.