michael adams

Java Applications

– Michael Adams, Senior Vice President, North America, Sales and Business Development for Waratek, says:

Java is the most popular enterprise application language in the world. It is used by many organizations to run sensitive business programs. This success has made it a popular target for cyberattacks. To complicate matters, only 20 percent of Java code is written by a company’s programmers. The remaining 80 percent is made up of third party libraries. This makes the attack surface of Java applications very large and hard to defend. The recent Heartbleed OpenSSL vulnerability illustrates the risks associated with using third party code.

Using traditional approaches to protect Java applications, such as static code analysis, application best practices, and network devices such as web application firewalls (WAF), has proved unsuccessful. That’s because application best practices are very difficult to apply consistently, and cannot be used for third-party libraries or applications. WAFs on the other hand, don’t understand application logic to the degree necessary to reliably block attacks, and require complex configuration and management.

Waratek has developed a completely new approach to Java application protection by putting real-time security inside the Java Virtual Machine, where it can monitor every network packet, file system call and CPU instruction. This approach represents a new category of security called RASP (Run-time Application Self Protection). According to analyst firm Gartner, Inc.: “Applications can be better protected when they possess self-protection capabilities built into their runtime environments, which have full insight into application logic, configuration, and data and event flows.”

The Waratek Application Security for Java product protects Java applications and platforms such as Apache Tomcat, Websphere, WebLogic, Scala, Groovy, Jython, JRuby and more. It can detect and block malicious activity including SQL Injection, abnormal file manipulation or unexpected network connections.

A small set of customizable rules enables Waratek to provide broad coverage against attacks from outside the application and quarantine illegal operations inside the application. This approach also defends against Zero Day vulnerabilities since it traps the application behavior, independent of the threat vector, without having to wait for a patch to be coded, tested and implemented.

Waratek also logs/audits activity for compliance reporting, forensics and integration with security information event management (SIEM) systems. It requires no changes to application code or network configurations, and can be deployed in monitoring or blocking mode. Waratek is certified to be compatible with the Java Platform.

To find out more visit: www.waratek.com

Video: Video: http://www.waratek.com/security