Waratek Webinar Series

 

View on demand

Webinar: How to end false positives

What if your application security platform didn’t cause false positives?  Too good to be true?  It’s not.

False alarms.  The bane of all security teams.  A recent research report1 noted that only 56 percent of security alerts are routinely researched; only 28 percent of those are deemed legitimate; and, less than half of the legitimate alerts are remediated. The cost of investigating these false alarms is an estimated average $1.3 million USD per year2.

Join our webinar to learn how moving away from traditional, heuristic-based security like WAFs means improved application security without time-consuming configuration or chasing false positives.

SOURCES: 1The Cisco 2017 Security Capabilities Benchmark Study and 2The Ponemon Institute.

In this 30 minute webinar we’ll discuss how to:

  • End the guesswork of heuristics using virtualization
  • Determine if a transaction is permissible at runtime with no configuration
  • Improve security without slowing your applications
  • Reduce your team’s workload at the same time
View NOW

During the nearly two years our patented technology has been in global production, it has never produced a false positive. We’re so confident that our Application security platform can eliminate all false positives for the OWASP Top Ten, we offer a guarantee:  If we produce a false positive, we’ll give you a $10,000 credit per unique event.

Deserialization Vulnerability

Webinar: Deserialization Vulnerability

Deserialization vulnerabilities are one of the greatest nightmares for App Sec professionals. These attacks are also increasingly popular among malicious hackers because they are often easy to execute and difficult to prevent.

Oracle’s Q1 2017 Critical Patch Update includes a deserialization patch to help address a vulnerability that impacts virtually every Java app today running on a server which provides Remote Method Invocation (RMI).   But that patch relies on a traditional approach to preventing deserialization attacks.

Waratek has developed a highly effective, virtualization based approach that does not rely on blacklisting or whitelisting to prevent attacks.

In this 30 minute webinar you’ll learn:

  • What is Deserialization and how a Deserialization Attack Works
  • Why traditional App Sec approaches are not working
  • How to protect your applications from deserialization attacks without:
    1. Profiling
    2. Blacklisting
    3. Whitelisting
    4. Code changes
    5. Tuning
    6. Breaking your app
  • The advantages of a virtualization-based approach to application security
View Now