TAG Cyber: Application vulnerabilities are becoming hard for businesses to resolve. What are the more common complaints you hear about application security from your customers?
RedShield: The biggest issue we see is that most breaches happen through known, unpatched vulnerabilities - issues that are already sitting in the backlog or on the risk register. Organizations usually want to fix these problems, but they are held back by development priorities, limited access to code, legacy systems, compliance barriers, or stretched resources. As a result, many vulnerabilities remain unresolved for months or even years.
At the same time, security teams are overwhelmed by noisy traffic, new threats, and the need to keep tuning WAF rules. They’re caught between blocking too much and not blocking enough. In the end, risk acceptance becomes the default.
Our approach is different. RedShield delivers both: expertly managed WAF services to block generic threats like bots, DoS attacks, and malicious inputs and in-flight patching that fixes application-specific vulnerabilities in real time, without modifying source code. We can protect legacy systems, third-party applications, APIs, and more - quickly and effectively. This gives teams the breathing room they need to focus on innovation and digital transformation, instead of getting caught in endless patching cycles.
TAG Cyber: WAFs don’t typically include vulnerability remediation, but the first step in RedShield’s process is guided remediation. Can you explain exactly what this entails?
REDSHIELD: When we receive a list of vulnerabilities, whether from a pen test, bug bounty, or scanner, we create an In-Flight Patches Plan. It outlines how we’ll remediate each issue with in-flight patches, which are either pulled from our extensive library or custom-developed for the customer. This plan is shared with the dev team, who can choose to implement fixes themselves or let us handle it fully managed.
WAFs inspect and block traffic but don’t resolve the root cause. They’re reactive and prone to false positives. We include WAFs in our service, but our focus is fixing not just blocking. Our service orchestrates the in-flight patching lifecycle: detection, assessment, deployment, and verification. It’s underpinned by AI-assisted decision-making, automation, and expert engineers who deliver mature processes 24/7.
Our service is designed around a repeatable cycle that aligns to three key steps: Protect, Secure, and Assure.
- Protect means we immediately block generic threats (including bots, DoS attacks, and malicious payloads) using advanced tools like expertly tuned WAFs and custom traffic policies.
- Secure is where we discover application-specific vulnerabilities (from pen tests, bug bounties, scans, or RedShield scanning) and apply in-flight patches. These in-flight patches are written by RedShield developers and deployed by RedShield engineers without touching the application’s code.
- Assure involves ongoing monitoring, auditing, and reporting to ensure everything is working as intended and that applications stay both protected and functional.
This entire service is managed by RedShield, automated where possible, and backed by experienced engineers around the clock. We maintain a library of in-flight patches and custom-develop new ones as needed. We coordinate with the customer’s development and security teams to align with their internal priorities, but we take full ownership of remediation.
TAG Cyber: What not just block or quarantine bad apps?
RedShield: You could, but in many cases it is not practical. If an app is business-critical, downtime is not an option. One of our customers, a European commodities trader, had a trading platform flagged under GDPR. Legal required it be taken offline immediately. Reverting to manual processes like email and phone was unsustainable. Their developers estimated six to eighteen months for remediation. We resolved the issues and brought the platform into compliance within 48 hours.
Another example is a major payment provider with more than 300 vulnerabilities. Traditional remediation would have taken months and risked compliance failure, which could have cost them the ability to process cardholder data. We patched the platform in six weeks, most of which was spent aligning on technical findings.
This is where in-flight patching makes the difference. Rather than blocking users or shutting systems down, we fix the exploitable behavior without modifying the source code. This keeps our customers protected and operational.
TAG Cyber: How is an in-flight patch different from a next-gen firewall?
RedShield: A next-gen firewall (NGFW) or even a next-gen WAF inspects traffic using patterns and rules. But clever attackers can easily bypass these filters with obfuscation or evasive tactics. WAFs help reduce exposure to common threats but don’t fix the vulnerabilities themselves and often generate false positives that disrupt users.
In-flight patches go deeper. These are small, targeted blocks of executable code that alter the application’s behavior in real time. They intercept traffic at the reverse proxy layer and remediate the vulnerability without modifying the app’s source code or breaking functionality. Unlike WAF filters, they address the root cause directly.
For example, if an app allows weak passwords, a WAF might block some inputs or limit login attempts. An in-flight patch would upgrade the password enforcement logic without changing the backend, effectively closing the loophole while keeping the user experience consistent.
Our platform orchestrates all of this: discovery, patch development, testing, deployment, and ongoing verification. It’s not just better protection, it’s intelligent risk reduction.
TAG Cyber: You ran a pen testing company for ten years; what inspired the transition to building a security product?
RedShield: After years of pen testing, we noticed the same issues showing up repeatedly. We would deliver a thorough report, only to return months later and find the same flaws still unresolved in the backlog. Customers were not lazy or careless. They were overwhelmed by real-world constraints and lacked the resources to fix every issue.
So we asked a simple question: what if we could fix these problems ourselves? That is how RedShield was born. We wanted to bridge the gap between detection and remediation by fixing security issues quickly and at scale, without needing to rewrite applications or rely on developer capacity. That mission continues to drive us today.
