Waratek tackles Java application security

Waratek Java Application Security monitors, detects and blocks risky application behaviors.

By , Network World |  Security, java

Waratek is introducing its first product aimed at Java application security. It works by identifying weaknesses, especially in open-source platforms, and then acting like a shield against attacks.

Waratek Java Application Security (JAS) is installed in the Java Virtual Machine to monitor the JVM runtime and to detect and block attacks such as SQL injection.

"Certain behavior wouldn't be allowed at runtime," says Prateep Bandharangshi, director of client security solutions at Waratek, adding, "It's kind of a virtual patching." It also works by detecting abnormal file manipulation or unexpected network connections and can quarantine what are deemed to be "illegal operations" inside the application.

Waratek was founded in Dublin, Ireland in 2009 by the father-and-son team of John Holt, chief operating officer, and John Matthew Holt, chief technology officer. The firm also has a CloudVM capability to help organizations deploy multiple apps on a single server. Brian Maccaba, CEO, says Java Application Security is Waratek's first security product.

While Java-based software--especially open source--is in much demand in the enterprise, the challenge is keeping up with vulnerabilities that should be patched, the company points out. Waratek's JVM runtime approach can be set up to act like a patch without having to stop the application or make code changes. Its way of blocking attacks differs from that taken by Web application firewalls, for example, because it operates down in the JVM layer, where it monitors network packets, file system calls and CPU instructions. It works to flag "risky API" calls. It can be deployed in monitoring mode alone or in blocking mode.

Waratek JAS can also be used to audit and log activity for compliance reporting and forensics, the company says.

Waratek has received $18 million in venture-capital funding from Mangrove Capital and angel investors. Maccaba says pricing of Waratek JAS is based on how large the enterprise deployment is but can get into the "six-figure" range.


Originally published on Network World.