It’s Baaaack! A Java Security Flaw Waratek Solves
Fintech – News and Analysis
Waratek, which provides a Runtime Application Self Protection (RASP) containers said it protects the full application stack using a pioneering virtual container technology that operates in the runtime.
The flaw, known to friends as CVE-2013-5838, can be exploited without authentication, to completely compromise a system’s confidentiality, integrity and availability.
Using Waratek’s RASP containers with a default security policy, CVE-2013-5838 is automatically mitigated and no specific security rule for this CVE is required, Waratek said. “Default security policies work in one of two ways: either reducing the severity of a given vulnerability, or eliminating the vulnerability altogether. In the case of CVE-2013-5838, a default security policy immediately reduces the severity of this vulnerability to partial and eliminates the complete compromise of the host computer system and its data. This benefit is achieved with no foreknowledge of this CVE or the nature of its exploit.”