$400 Amazon Gift Card with OnDemand Training through March 10 - Learn More!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

How Effective is Your WAF Protection? - Metrics & Key Considerations

  • Thursday, May 02, 2019 at 1:00 PM EDT (2019-05-02 17:00:00 UTC)
  • Chris Brazdziunas, Will Woodson


  • ThreatX

You can now attend the webcast using your mobile device!



With all of the daily distractions that security professionals face, it is easy to forget that Application Security is an inherently pragmatic and numbers-driven discipline. Frequent and sophisticated threats demand a large portion of the little time and resources security teams have. In order to keep pace, we need our WAFs to perform at peak efficiency. Many security teams would argue that theirs is not, and struggle to identify where to start diagnosing the problem.

In this webinar, we bring an AppSec focus to the old adage of what gets measured, gets improved. We dive into the bottlenecks of current WAFs and address the key metrics that you should be holding your WAF against. Well answer such questions as:

  • How can you establish benchmarks for threat detection and protection?
  • What is the true cost of a false positive and an underperforming WAF?
  • How should I measure WAF operational cost?
  • How important are deployment time and the impact of application updates on the success of my security strategy?
  • Whats the best way to measure and evaluate WAF performance over time?
  • How can you measure application security posture?

Join Chris Brazdziunas, Chief Product Officer, and Will Woodson, Lead Security Engineer, at ThreatX, for this 45-minute discussion where they will focus on the empirical side of application security and share guidance that you can use to improve your security practice

Speaker Bios

Chris Brazdziunas

Chris has a proven track record of leading global product and R&D organizations to deliver large-scale enterprise software and security solutions. Prior to joining ThreatX, Chris held multiple senior product management and engineering positions, most recently serving as the Vice President Product at market leading SIEM provider LogRhythm, where she was responsible for product strategy, product operations, and development. Chris holds an M.S. degree in Information Networking from Carnegie Mellon University and a B.S. in Computer Engineering from the University of Illinois.

Will Woodson

Willís background is in security operations, working in the financial services sector and as a federal employee in engineering & analytical roles. He holds several industry certifications including a CISSP and is active in multiple information security community groups. As Lead Security Engineer, Will partners withThreatX customers to ensure they receive comprehensive protection for their application portfolio, all while retaining full visibility of their security posture and application landscape.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.