Waratek has announced a new runtime agent that both blocks and detects attacks using a deterministic approach to safeguard web applications from known and Zero Day attacks without generating false positives.
Waratek Secure, a plug-in agent for Java- and .NET-based applications, installs within minutes and does not require tuning, downtime, or source code changes to deploy a new rule. Waratek Secure has a near zero performance impact on applications and generates no false positives, avoiding the complaints about application security tools.
“As the world becomes increasingly driven by software that includes inherent vulnerabilities, organizations of all sizes need to make their applications more secure from flaws that can halt business operations and cause severe monetary damages,” said Waratek Founder and Chief Technology Officer John Matthew Holt.
“Waratek Secure’s unique approach allows organizations to improve their application protection without sacrificing accuracy or speed while reducing complexity.”
Traditional application security approaches like Web Application Firewalls (WAF) rely on heuristics to make educated guesses about known attacks, which leads to false positives. WAFs and other tools that rely on WAF-like techniques also tend to slow application performance as well as require tuning to stay effective as application updates are made and new attacks emerge.
Waratek Secure offers accuracy against exploits in the OWASP Top Ten, SANS Top 25, and Zero Day attacks without negatively impacting application speed.
The new offering allows security teams to add, set, and forget protection levels for single or multiple applications with no routine tuning. Waratek Secure also integrates with common SIEM and central management tools.
Waratek Secure is one of three solutions in Waratek’s Runtime Application Security Platform.
Waratek Patch fixes known flaws in web applications using functional equivalent virtual patches requiring no downtime or source code changes.
Waratek Enterprise upgrades out-of-support Java applications to a current version of Java and includes the features of Patch and Secure.
Waratek’s products never require source code changes or routine tuning, generate false positives, and have a performance impact.
Waratek Secure, Waratek Patch and Waratek Enterprise are available for immediate deployment.
This article appeared in HelpNetSecurity