Waratek Offers $10,000 No False Positive Guarantee

First Non-Heuristic Application Security Platform Has Never Produced a False Alert

DUBLIN and ATLANTA – February 21st, 2017 – Waratek, a pioneer in the next generation of application security solutions, has announced a new false positive guarantee tied to the Waratek Application Security Platform. For every instance of a false positive generated for the Open Web Application Security Project (OWASP) Top Ten, Waratek will offer its customers $10,000.

According to the Ponemon Institute, the average labor cost of chasing false security alerts is $25,000 per week. That doesn’t represent all false alarms for a typical enterprise – that’s the cost associated with investigation of just four percent (4%) of such alerts. Organizations spend an average of 395 hours each week responding to false positives.

“Current application security technologies rely on heuristics that generate false positives,” said John Matthew Holt, Founder and Chief Technical Officer. “That’s not the case with our Application Security Platform. Our patented technology is based on virtualization techniques that allow us to determine if an operation is an attack or a permissible request with pinpoint 100% accuracy.”

The guarantee of no false positives is based on the 2013 OWASP Top Ten list of security flaws. In the event Waratek identifies a permissible action as a false positive on a live system, the company will issue a credit in the amount of $10,000 per unique event. During the nearly two years the patented Waratek Application Security Platform technology has been in global production, it has never produced a false positive.

The official announcement was made at RSA Conference 2017 at the Moscone Center in San Francisco, where Waratek won the RSA Innovation Sandbox Award in 2015. Free demonstrations can be scheduled at

About Waratek:

Waratek is a pioneer in the next generation of application security solutions.  Based on patented virtualization technology, Waratek’s Application Security Platform is highly accurate, easy to install, simple to operate and does not slow application performance – while providing protection against known and unknown vulnerabilities in current and legacy software in ways competitors cannot.

Waratek was recently awarded a 2017 CDM INFOSEC award for their Runtime Application Self Protection (RASP) technology. The company was named 2016’s Best Application Security Solution by Government Security News and is the winner of the 2015 RSA Innovation Sandbox Award. JavaWorld notes that “Waratek is the only vendor that can boast of a large-scale production deployment with a Tier 1 global investment bank, the most significant deployment of (runtime protection) that exists for Java technology today.”

Waratek is based in Atlanta, Georgia and Dublin, Ireland.  For more information visit

Media Contact:

Mike Gallo for Waratek

Lumina PR

Related resources

Ready to scale Security with modern software development?

Work with us to accelerate your adoption of Security-as-Code to deliver application security at scale.