The Best Cybersecurity Training in the World - No Travel Required! Learn More


To attend this webcast, login to your SANS Account or create your Account.

How Effective is Your WAF Protection? - Metrics & Key Considerations

  • Thursday, May 2nd, 2019 at 1:00 PM EDT (17:00:00 UTC)
  • Chris Brazdziunas and Will Woodson
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.


  • ThreatX

You can now attend the webcast using your mobile device!


With all of the daily distractions that security professionals face, it is easy to forget that Application Security is an inherently pragmatic and numbers-driven discipline. Frequent and sophisticated threats demand a large portion of the little time and resources security teams have. In order to keep pace, we need our WAFs to perform at peak efficiency. Many security teams would argue that theirs is not, and struggle to identify where to start diagnosing the problem.

In this webinar, we bring an AppSec focus to the old adage of what gets measured, gets improved. We dive into the bottlenecks of current WAFs and address the key metrics that you should be holding your WAF against. Well answer such questions as:

  • How can you establish benchmarks for threat detection and protection?
  • What is the true cost of a false positive and an underperforming WAF?
  • How should I measure WAF operational cost?
  • How important are deployment time and the impact of application updates on the success of my security strategy?
  • Whats the best way to measure and evaluate WAF performance over time?
  • How can you measure application security posture?

Join Chris Brazdziunas, Chief Product Officer, and Will Woodson, Lead Security Engineer, at ThreatX, for this 45-minute discussion where they will focus on the empirical side of application security and share guidance that you can use to improve your security practice

Speaker Bios

Chris Brazdziunas

Chris has a proven track record of leading global product and R&D organizations to deliver large-scale enterprise software and security solutions. Prior to joining ThreatX, Chris held multiple senior product management and engineering positions, most recently serving as the Vice President Product at market leading SIEM provider LogRhythm, where she was responsible for product strategy, product operations, and development. Chris holds an M.S. degree in Information Networking from Carnegie Mellon University and a B.S. in Computer Engineering from the University of Illinois.

Will Woodson

Willís background is in security operations, working in the financial services sector and as a federal employee in engineering & analytical roles. He holds several industry certifications including a CISSP and is active in multiple information security community groups. As Lead Security Engineer, Will partners withThreatX customers to ensure they receive comprehensive protection for their application portfolio, all while retaining full visibility of their security posture and application landscape.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.