Runtime security,

Real-time protection.

Introducing Waratek ARMR - complete application security without the need for additional resources.


Black Hat USA 2019

Join us  >>

No false positives.
No application performance impact.
No risk of breaking your applications.

We put our money where our mouth is – learn more about our ‘no false-positive’ financial guarantee.

Upcoming Events

09sepAll Day13OWASP Global AppSecDC 2019

Problems We Help Solve

Protect your entire application stack.

Like an iceberg, 80% of an application’s code contains risk. Even the most secure development processes can’t catch every bug, every time. Waratek adds an additional layer of protection for:

  • the business logic layer
  • components from 3rd party libraries
  • operating systems

Protection from OWASP Top Ten and SANS Top 25 threats with the ARMR Security Management Platform offers peace of mind where you need it most – inside your application.

End of Life Isn’t Always End of Use

Are your critical enterprise applications running on the most current platform release?

Most organizations have apps running on platforms that are no longer supported such as Java, Apache Tomcat and WebLogic. In fact, many companies have built their business on these critical enterprise applications. But determining what to do with these legacy apps is no easy task.

The Waratek ARMR Security Management Platform can modernize your applications by virtually upgrading their platform, making application security available based on your timeframe – not the platform vendor.

Patching is Hard.

Thousands of new vulnerabilities are discovered a daily basis.

Physically patching these known software flaws is time consuming and risky. The problem is intensified with legacy applications, open source code and code not written by your trusted developers.

What can you do then?

Failed an Audit?

Breaches that result from negligence can result in fines, lawsuits, and most importantly they can impact corporate brands and damage trust with customers. PCI, HIPAA, GDPR and other regulatory controls have put greater emphasis on the protection of client data and making an organization liable when they fail to provide adequate protection – such as patching known vulnerabilities.

Waratek’s ARMR Security Management Platform offers solutions to help organizations remediate vulnerabilities and institute compensating controls so that they can achieve compliance.

Runtime Application Security Products

Perimeter Security




Find out more    >

Virtual Patching




Find out more    >

Runtime Application Security




Find out more    >

Platform Upgrade




Find out more    >


Waratek provides patented next-gen WAF, RASP and legacy modernization solutions delivered through the Waratek ARMR Security Management Platform for real-time protection and threat remediation for known and unknown vulnerabilities affecting the enterprise.
Waratek Console

Fix Vulnerabilities

Waratek offers the only application security solutions that fix vulnerabilities in the compilation pipeline, remediating threats – not just blocking them.


Waratek requires no tuning, no source code changes, and has no unacceptable performance overhead.

Guaranteed Results

Waratek is the only application security company that provides a guarantee that we will not break your application or generate a false positive.

Legacy Protection

Extend the life of your legacy applications – run your business-critical apps in the most current platform release without the risk of code changes.

What Our Customers Are Saying

A week after we installed the Waratek solution we got hit with more deserialization attacks," the CISO says. "Because of Waratek's solution, the attacks were immediately stopped, and the solution automatically alerted us to the attempt. All of the hacker's malicious scripts failed, which took us to a new level of confidence - the Waratek virtual patch is providing the protection we need, better and faster than we ever thought possible.


Upon restart, a virtual container encapsulated the full application stack, providing instant modernization of the out-of-support JRE to a Java 8 JRE and instant protection from the Java-related vulnerabilities identified in the pre-scan.

Fortune 100US based company

Waratek achieved the following results:

- Simple, fast deployment in less than 30 minutes
- All security tests: Passed
- Active security controls: Protected against future threats (0-day) in all layers of application stack
- Legacy applications: Transparently updated to Java 8 without code changes
- Internal performance result: Passed
- All functional tests: Passed
- False Positive Rate: 0
- Code Changes Required: 0

GlobalFinancial Services

After installation all 29 Java vulnerabilities identified by Qualys scans were remediated by containerizing the legacy Java 6 application stack on top of a Java 8 host. As a result, the environment could be considered as fully security compliant.

Fortune 100US financial services company
Case Studies

Ready to Talk?

Schedule a demo today and see the power of the ARMR Security Management Platform for yourself.


August 15, 2019

New Apache Solr Injection Vulnerability

July 19, 2019 in News

Debunking Myths Around RASP

Runtime application self-protection (RASP) has taken a fair bit of scrutiny over the last few years. Like many security technologies that pioneer new ways of tackling old problems, people inherently…
Read More
July 17, 2019 in Blog, Patching

Oracle July 2019 CPU shows a 6% increase

The number of patches in the quarterly Oracle Critical Patch Update (CPU) for July 2019 is 316 which is a 6% increase compared to the April 2019 CPU. Of the…
Read More
July 12, 2019 in Blog, Enterprise Applications

Serialization: Protecting Enterprise Critical Applications

Enterprise organizations have built much of their foundations on Oracle’s WebLogic servers. As ubiquitous as they are, it’s no wonder that they are often the target of sophisticated attacks aimed…
Read More
July 8, 2019 in ARMR Reports

The ARMR Report – Week of July 8th, 2019

AppSec News from the Web New report shows Government getting hit hard by SQL injection, path traversal and cross-site scripting READ>> Magento issue could redirect payment traffic READ>> WAF rule misconfig gets…
Read More
Read more from the archive

3 steps to securing your applications


Schedule a demo

Speak to one of our security experts who will demonstrate the benefits that Waratek can offer your enterprise

Identify your protection requirement

Check out the ARMR Mods Library to see what protection is best for you

Live runtime protection

No source code changes are required so you can secure your new and legacy applications with speed and accuracy