Waratek is introducing its first product aimed at Java application security, and it works by identifying weaknesses, especially in open-source platforms, and then acts like a shield against attacks.
Waratek Java Application Security (JAS) is installed in the Java Virtual Machine to monitor the JVM runtime and detect attacks such as SQL Injection, and block them.
"Certain behavior wouldn't be allowed at runtime," says Prateep Bandharangshi, director of client security solutions at Waratek, adding, "It's kind of a virtual patching." It also works by detecting abnormal file manipulation or unexpected network connections and can quarantine what are deemed to be "illegal operations" inside the application.
Waratek was founded in Dublin, Ireland in 2009 by father-and-son team, John Holt, chief operating officer and John Matthew Holt, chief technology officer, and the firm has a CloudVM capability to help organizations deploy multiple apps on a single server. Brian Maccaba, CEO, says Java Application Security is Waratek's first security product.
While Java-based software--especially open source--is in much demand in the enterprise, the challenge is keeping up with vulnerabilities that should be patched, the company points out. Waratek's JVM runtime approach can be set up to act like a patch without having to stop the application or make code changes. Waratek's approach differs from that taken by Web application firewalls, for example, in blocking attacks because it operates down in the JVM layer to monitor network packet, files system calls and CPU instructions. It works to flag "risky API" calls. It can be deployed in monitoring mode alone or in blocking mode.
Waratek JAS can also be used to audit and log activity for compliance reporting and forensics, the company says.
Waratek has received $18 million in venture-capital funding from Mangrove Capital and angel investors. Maccaba says pricing of Waratek JAS is based on how large the enterprise deployment is but can get into the "six-figure" range.