Runtime Vulnerability Patching

It doesn't need to be difficult to patch legacy and critical enterprise applications

Speed is of the essence

Every security patch issued by Oracle, Microsoft, IBM, Apache or any other software developer starts a relay race. One team is the malicious hackers who seek web applications containing the new vulnerability to steal an organization’s data.
It may take attackers a few days or weeks to find a victim, but once inside a system, it will be nearly 200 days before the attack is noticed and another 60+ days before the attack is stopped.

Source: Ponemon Institute 2017 Cost of Data Breach Study

of all malicious attacks are aimed at the application layer

(SOURCES: DHS, Verizon)

of all successful exploits will be based on known vulnerabilities

(SOURCE: Gartner)

Binary Equivalent Security Without Code Changes

Traditional approaches to web application security that rely on heuristics cannot help you win the race against attacks from known (or unknown) software flaws. With Waratek, a virtual patch can be applied within hours of the release of a routine or emergency patch, dramatically reducing your risk profile and attack surface.

Waratek’s unique approach to application security allows teams to apply routine and emergency security updates without taking an app out of production.


Vulnerabilities are mitigated immediately and automatically – allowing Dev teams to focus on permanent fixes for the highest level vulnerabilities.


With Waratek you reduce the time and effort spent on patch updates, saving time and money and freeing your Dev team to work on innovation.


Application code is never touched and restarting the app is not required. This eliminates the risk associated with patching your mission critical apps.

Remediating years of vulnerabilities and updating an out-of-date Java JRE without changing a single line of code.

US BasedGlobal Media Company
Monitoring Application Security

Suggested Resources

Case Study

Virtual Patching while under attack

Download this Case Study to hear what our customers have to say

See it for yourself.

Schedule a demo

Patching News

July 17, 2019 in Blog, Patching

Oracle July 2019 CPU shows a 6% increase

The number of patches in the quarterly Oracle Critical Patch Update (CPU) for July 2019 is 316 which is a 6% increase compared to the April 2019 CPU. Of the…
Read More
June 17, 2019 in Alerts, Legacy, Patching, Technical, Zero Day

[Updated] New WebLogic Zero-Day RCE Vulnerability

Oracle have issued a patch for this new vulnerability CVE-2019-2729 Please note that this Oracle fix has the same limitations as their previous fix. Oracle’s patch is available only for…
Read More
May 29, 2019 in Alerts, Legacy, Patching

Java Deserialization Vulnerability in WebSphere Application Server

Guidance on Java Deserialization Vulnerability in WebSphere Application Server ND (CVE-2019-4279) Security Bulletin IBM issued a security bulletin on Wednesday 15th May that advised of a critical vulnerability affecting IBM…
Read More
March 4, 2019 in Blog, Legacy, Patching, Zero Day

Secure Coding is Great, but is it Enough?

Despite our best efforts to write secure code, computer security breaches at major banks, retailers and government agencies are making front page headlines on a regular basis. Here are five…
Read More