Active Protection

Runtime Perimeter Security

Applications are the blind spot of cyber security with most resources directed at securing the perimeter. Runtime Application Self Protection – RASP – is the next generation of application security associated with an application’s runtime environment.




Add a quote

of attacks are directed at the application layer

(SOURCE: Ponemon Institute)

of AppSec professionals say a lack of visibility in the application layer prevents strong security

(SOURCE: Sonatype)

Web Application Firewall (WAF) vs RASP

Longstanding frustrations with WAF coupled with high profile security events and new regulations like GDPR are driving the push to newer technologies like runtime protections.  For years, WAF have frustrated security teams with their high false positives and performance killing overhead. Spend enough time with a WAF engineer and they’ll tell you about all the time spent running in monitor mode or with just enough rules applied to pass an audit.

It is somewhat ironic that the same regulatory environment that helped create demand for WAF is also driving companies to newer, more effective alternatives. PCI compliance drove the vast majority of WAF installations. Now GDPR and it’s “security by design/protection by default” criteria is driving organizations to look at protections that can address basic security more effectively and tackle related issues like patching and legacy software upgrades that WAF cannot fix.

In late July 2018, Amy DeMartine of Forrester made a bold prediction:

“…eventually runtime application self-protection (RASP) (will) take over web application firewall (WAF) as the best way to combat web app attacks. They have deeper knowledge than WAFs of the applications that they protect, and they can virtually patch vulnerabilities and weaknesses. In an upcoming report, we’re predicting WAF market growth to significantly slow down over the 2021–2023 period as bot management and RASP tools fully cover traditional WAF capabilities. In fact, RASP will experience a healthy 26.2% CAGR in the same period.“

Take a look at how Waratek’s runtime protection using proven compiler techniques compares to WAF and the advantages of Waratek’s approach become clear.


WAF Technology

Waratek’s  Runtime Protection

No profiling or routine tuning


No instrumentation/filters  (heuristics)


No false positives – guaranteed


Run in blocking mode with low/no performance hit


Remediate CVEs with no downtime or source code changes


Virtual upgrade of out of support Java applications


Web Application Firewalls may still find a home in organizations that are dedicated to a defense-in-depth strategy. Over the long term, though, compiler based runtime solutions offer the best protection against the increasingly complex and frequent attacks against known CVEs – without the side effects or time and resources required by WAF.

Innovative and unique application security

Runtime Application Self-Protection (RASP) is a transformation application security technology, securing an applications runtime environment.

Waratek’s unique and patented RASP solution detects and prevents real-time attacks, such as SQL Injection or Remote Code Execution, with no false positives, doesn’t slow your applications’ performance, and increases the visibility into your apps’ operations – benefits not possible with traditional approaches to today’s threats.

Waratek’s RASP protection makes it easy for security teams to:

  • instantly patch known flaws
  • protect applications from known and Zero Day attacks
  • virtually upgrade out-of-support applications
Learn More


No need to stop and restart and application


No False Positives, guaranteed


No risk of breaking an app


No routine tuning


No source code changes required


No unacceptable performance overhead

Compiler Based Runtime Application Self Protection (RASP)

Providing unique patented runtime protection


Using the Just-in-Time Compiler of Java and .NET platforms, Waratek’s RASP solutions also give you the ability to instantly remediate known vulnerabilities with runtime virtual patches as well as virtually upgrade out-of-support Java-based applications.


Find out why Waratek is different

Schedule A Demo