Waratek Application Security Webinar Series

View on demand

Webinar: Defense from the Inside: Demystifying Runtime Security

Business agility shouldn’t put your application security at risk. Yet, many companies have avoided adding security controls to the runtime for fear that it will slow their applications.

In this webinar, learn how Waratek is using the JIT compiler – made famous for its ability to optimize performance and speed – to identify and remediate vulnerabilities in the runtime

In this webinar, we explore:

  • Why perimeter security solutions fall short.
  • How JIT compilers implement zero-trust security without false positives or impacting performance.
  • Use of JIT compilers for patching and compliance acceleration.

Webinar: How to end false positives

What if your application security platform didn’t cause false positives?  Too good to be true?  It’s not.

False alarms.  The bane of all security teams.  A recent research report1 noted that only 56 percent of security alerts are routinely researched; only 28 percent of those are deemed legitimate; and, less than half of the legitimate alerts are remediated. The cost of investigating these false alarms is an estimated average $1.3 million USD per year2.

Join our webinar to learn how moving away from traditional, heuristic-based security like WAFs means improved application security without time-consuming configuration or chasing false positives.

SOURCES: 1The Cisco 2017 Security Capabilities Benchmark Study and 2The Ponemon Institute.

In this 30 minute webinar we’ll discuss how to:

  • End the guesswork of heuristics using virtualization
  • Determine if a transaction is permissible at runtime with no configuration
  • Improve security without slowing your applications
  • Reduce your team’s workload at the same time

During the nearly two years our patented technology has been in global production, it has never produced a false positive. We’re so confident that our Application security platform can eliminate all false positives for the OWASP Top Ten, we offer a guarantee:  If we produce a false positive, we’ll give you a $10,000 credit per unique event.


Webinar: Deserialization Vulnerability

In this 30 minute webinar you’ll learn:

  • What is Deserialization and how a Deserialization Attack Works
  • Why traditional App Sec approaches are not working
  • How to protect your applications from deserialization attacks without:
    1. Profiling
    2. Blacklisting
    3. Whitelisting
    4. Code changes
    5. Tuning
    6. Breaking your app
  • The advantages of a virtualization-based approach to application security

Deserialization vulnerabilities are one of the greatest nightmares for App Sec professionals. These attacks are also increasingly popular among malicious hackers because they are often easy to execute and difficult to prevent.

Oracle’s Q1 2017 Critical Patch Update includes a deserialization patch to help address a vulnerability that impacts virtually every Java app today running on a server which provides Remote Method Invocation (RMI).   But that patch relies on a traditional approach to preventing deserialization attacks.

Waratek has developed a highly effective, virtualization based approach that does not rely on blacklisting or whitelisting to prevent attacks.