Government Security News 2016 Digital Yearbook

2016
Waratek
2016 Winner
GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS
Vendors of IT and Cybersecurity Products and Solutions
Awards Category:
––––––––––––––––––––––––––––––––––––––––
Best Application Security Solution
Reason this entry deserves to win:
––––––––––––––––––––––––––––––––––––––––
The majority of government agencies still run customdeveloped,
mission critical applications on out-of-date
versions of Java. Most of these applications cannot be
taken offline to install updates, and the quarterly frequency
of critical patch updates overwhelms IT staff.
Waratek has developed a disruptive new approach by
virtualization-based to application security called Runtime
Application Self Protection (RASP). This approach
makes enterprise applications self-protecting by providing
transparent, secure RASP containers for web applications
deployed in on-premises datacenters and cloud
environments, protecting new and legacy applications
without the need to make any code changes or impacting
application performance. Waratek delivers out of
the box protection for enterprise applications and data
from logic attacks like SQL Injection, network attacks,
unpatched vulnerabilities at runtime, and unknown
attacks.
Waratek monitors, detects and blocks threats from
within the Java Runtime Environment (i.e. JVM) in realtime,
to enable applications to self-protect from the inside
out. With Waratek, organizations gain visibility into
malicious activity, enforce security policies and virtually
patch vulnerabilities at runtime. The platform mitigates
against vulnerabilities in legacy application platforms,
third party and open source code, and effectively counters
“zero day” malware. Waratek automatically modernizes
any web application running on a legacy version of
Java by updating it with all the security and performance
improvements inherent to the Java 8 OS without changing
even one line of code or performing a restart.
Unlike other RASP solutions, Waratek uses a virtualization-based
approach to create secure containers for
protected applications. As a result, it does not require
any code changes, or hardware and does not impact the
performance of the application. With Waratek, all future
routine and emergency security patches can be applied
virtually without taking the application out of production.
Waratek’s unique virtualization-based approach
eliminates the need for enterprises to re-write or modify
their applications, which significantly reduces the cost
of ownership compared to traditional RASP products.
Meanwhile, Waratek protects up to 98 percent of an
application’s attack surface from known and unknown
vulnerabilities without generating false positives by
monitoring activity within the JVM in real-time. This
eliminates the constant tuning and rule-writing associated
with web application firewalls. In addition, Waratek
can virtually patch applications that cannot be patched
or taken out of production for patching, using its virtual
patching capabilities. These combined capabilities
significantly reduce total cost of ownership compared
to other web application security products. Finally,
since Waratek creates a secure container within the Java
Runtime Environment, it can protect an infinite number
of applications without introducing any scalability,
performance degradation, management or configuration
issues.
According to Gartner Inc.’s Top 10 Security Predictions
2016, by 2020, 40 percent of enterprises will
secure developed applications by adopting application
security self-testing, self-diagnosing and self-protection
technologies.
Gartner recommends companies adopt runtime application
self protection (RASP).
Link to Web Page of Nominated Organization:
––––––––––––––––––––––––––––––––––––––––
www.waratek.com
Link to additional information:
––––––––––––––––––––––––––––––––––––––––
A short video depicting the technology:
https://youtu.be/z8PRaAE4Y9E?rel=0
Nominating contact for this entry:
––––––––––––––––––––––––––––––––––––––––
Marc Gendron, President
Marc Gendron Public Relations
office: 781-237-0341
cell: 617-877-7480
Nominating contact email address:
––––––––––––––––––––––––––––––––––––––––
marc@mgpr.net
Nominating organization address:
––––––––––––––––––––––––––––––––––––––––
Marc Gendron Public Relations
190 Lower County Road
West Harwich, MA 02671
• Most Valuable Product in Computer Technology
Review CTR MVP Awards 2015
• SIIA NextGen winner 2015
• SIIA CODiE finalist 2015
• Cyber Defense Magazine Infosec Leader 2015
• CRN Top 20 Coolest Cloud Security Vendors For
2016
Customer case examples:
The company has garnered recognition and awards, A Global Bank inventoried hundreds of internal applications,
and found a multitude of Java versions for which
including:
• Innovation Sandbox winner of Most Innovative quarterly releases of security vulnerabilities is commonplace.
A traditional upgrade or patching approach
Company, RSA Conference 2015
• CRN Top 20 Coolest Cloud Security Vendors For was unfeasible. Even if it were, it would have imposed
2016 Continued on next page
40 41