Home > News > featured news > Waratek Introduces World's First Java Security Platform with API Security Capabilities

Platform Security, Software Security, API Security

Waratek Introduces World's First Java Security Platform with API Security Capabilities

Prnewswire | May 09, 2023 | Read time : 05:00 min

Waratek Introduces World's First Java Security Platform

Waratek, an industry leader making Java security achievable for every mission-critical application and API, today introduced API security to its Java Security Platform, giving customers the ability to scale strategic risk mitigation in the enterprise. This unique combination provides turnkey protection against bytecode and serialization vulnerabilities, classpath manipulation, and sandbox escapes that are unique to the Java Virtual Machine.

Additionally, Waratek released today its Log4J Vulnerability Scanner, giving users an in-depth view of any remaining issues in their IT systems. The scanner makes it simple to quickly scan all applications for Log4shell vulnerabilities, then sends out non-invasive payloads to a company's libraries, automatically building a table of remaining instances of Log4J and where to find them.

"In 2022, we were the first company that released a Log4j patch, even faster than Oracle. Today, researchers warn that the infamous Log4j vulnerability is still present in far too many systems worldwide, and that attackers will be successfully exploiting it for years. With 80 percent of Log4shell-impacted companies remaining vulnerable today, we recognized the immediate need to offer this security innovation to our customers," said Doug Ennis, CEO of Waratek.

Signature-based security approaches have worked well for non-complicated languages, but languages like Java that are compiled into bytecode require expert-level domain knowledge to secure due to the unique characteristics of the Java programming language and its execution environment. When API security is added to the mix, the issue is exasperated. Now companies can solve this problem by combining the domain expertise of a Java software engineer and the knowledge of a security engineer in one platform.

According to a recent survey, more than 60 percent of enterprise companies that use Java were affected by Log4j vulnerabilities, with 41 percent of those companies stating that between 51 and 75 percent of their apps were affected. Today, 81 percent of companies report still having problems as a result of Log4j, and 70 percent of companies surveyed still have not put a patch in place.

A long-term Waratek customer, one of the top five semiconductor businesses in the world, expressed Log4j vulnerability concerns and worried that hundreds of hours would be required to resolve the issues. Utilizing Waratek's Java Security Platform with API capabilities, 2,500 of the company's applications were fully remediated of Log4j vulnerabilities without code changes or application redeployments in under four hours.

"For Java applications and APIs our unprecedented Java Security Platform helps security teams fill the knowledge gap on Java and address its unique security nuances, such as Insecure Deserialization, accurately and instantly," said Ennis.

"Waratek's Java Security Platform has become the essential line item in our security budget," said a CISO at one of the top three largest global hotel chains. "We originally implemented it to fix insecure deserialization across our applications. Since then, it's scaled to 2,500 applications without introducing new headcount, because to date it's never generated a false-positive."

ABOUT WARATEK

Waratek is the industry pioneer making Java security achievable for every mission-critical application and API. Headquartered in Chicago, IL and Dublin, Ireland, Waratek's multiple-award winning solution is trusted by some of the world's most recognizable brands including IBM, Google, Amazon, Microsoft, and more. The company has been recognized and awarded for its innovation in security deployment by CRN, CDM, Gartner Group, RSA, FinTech Innovation Lab, Computer Technology Review, and Government Computer News. For more information visit www.waratek.com or connect with us on LinkedIn, Twitter, or YouTube.

Spotlight

Cloud Pak for Security: Introduction to Cloud Pak for Security

This is an introductory video for Cloud Pak for Security. Cloud Pak for Security is based on Open Shift technology. This means that it can be installed on-prem as well as on any of the cloud solutions like IBM Cloud, AWS, Microsoft Azure, Google Cloud etc. QRadar XDR is SIEM of SIEM. Typically in huge environments, there are multiple SIEMs being used. To get a birds eye view of the complete environment, the data needs to be copied from one SIEM to another. Rather than this, CP4S can be leveraged in such a scenario. The data does not need to move from SIEM to CP4S and still CP4S is capable to understand the security posture of an organisation, understand risk valuation, create and manage incidents based on the rich data and threat intel sources.

More featured news

Spotlight

Cloud Pak for Security: Introduction to Cloud Pak for Security

This is an introductory video for Cloud Pak for Security. Cloud Pak for Security is based on Open Shift technology. This means that it can be installed on-prem as well as on any of the cloud solutions like IBM Cloud, AWS, Microsoft Azure, Google Cloud etc. QRadar XDR is SIEM of SIEM. Typically in huge environments, there are multiple SIEMs being used. To get a birds eye view of the complete environment, the data needs to be copied from one SIEM to another. Rather than this, CP4S can be leveraged in such a scenario. The data does not need to move from SIEM to CP4S and still CP4S is capable to understand the security posture of an organisation, understand risk valuation, create and manage incidents based on the rich data and threat intel sources.

Related News

Platform Security

Conceal Announces Strategic Partnership with Kompingo: Revolutionizing Web Security with the Next Generation of Protection

Business Wire | August 23, 2023

Conceal, renowned for its pioneering stance against web-based threats, today heralded its significant partnership with Kompingo, the UK's distinguished value-added distributor and managed security service provider. This collaboration signifies a major enhancement for Kompingo’s Managed Detection and Response (MDR) services, as it integrates Conceal’s patented zero-trust browser security into its offerings. "As the digital threat landscape rapidly evolves, strengthening our MDR and managed services capabilities remains paramount. Integrating Conceal’s browser security solution aligns perfectly with our ambition to offer our customers top-tier, holistic security solutions," commented Toby Caton, Director at Kompingo. “Conceal also allows us to offer the product as a stand-alone solution to our growing MSP partners and reseller base for them to enhance their offerings further, too.” Gordon Lawson, CEO of Conceal, further emphasized the partnership’s potential: "Kompingo's expertise in managed security services makes them an ideal partner. We’re confident that by infusing ConcealBrowse into their MDR offerings, we can provide users with unprecedented protection from web-centric threats." Together, Kompingo’s state-of-the-art Security Operations Centre and ConcealBrowse promise a robust defense against today’s sophisticated web threats. With Kompingo’s AI and machine learning-enhanced operations now complemented by Conceal's dynamic web content analysis, both organizations are poised to set a new benchmark in cybersecurity. About Conceal Conceal is at the forefront of defending against web-based attacks, using innovative technology to detect, prevent, and shield businesses and individual users from ever-evolving online threats. ConcealBrowse operates on the principle of proactive protection. Its AI-powered intelligence engine, ConcealSherpa, runs at machine speed with virtually zero latency to identify potentially harmful webpages autonomously, stopping cyber attacks that take advantage of weaponized links. For more information, visit https://conceal.io/. About Kompingo Situated at the crossroads of innovation and technology, Kompingo has etched its mark as a leading light in the IT security arena. Famed for its comprehensive managed services, Kompingo is dedicated to incubating IT security start-ups, nurturing technological advancements, and driving growth. Their plethora of services, spanning from co-managed and fully managed offerings to vCISO and penetration testing, makes them an indispensable ally in the cybersecurity domain. With a steadfast dedication to the Cyber Essentials Scheme and their top-notch Managed Detection and Response services, Kompingo remains a name synonymous with excellence.

Read More

Enterprise Security, Platform Security, Software Security

Conceal Enhances Browser Security in Strategic Partnership with NGS

Business Wire | August 17, 2023

Conceal, a forerunner in defending against web-based attacks, proudly announces its partnership with NGS, the UK's leading transformative cybersecurity solution provider. Through this collaboration, NGS clients will benefit immensely from Conceal's patented zero-trust browser solution, fortifying their web protection like never before. "As the cyber threat landscape evolves, it's crucial for businesses to be equipped with the most advanced tools to prevent potential breaches," said Jonathan Lassman, Founder and Director of NGS. "Integrating with Conceal allows us to provide our clients with a first-rate security solution that halts threats at the browser's doorstep, preventing data compromise and ensuring optimal user experience. We are thrilled about this partnership and ready to set new industry standards." Gordon Lawson, CEO of Conceal, shared, "NGS has proven its mettle in the cybersecurity arena, focusing on driving value and prioritizing user experience. This partnership will enable us to jointly address the sophisticated browser-based threats and challenges that modern businesses face. Together, we'll redefine web security for countless organizations." ConcealBrowse stands as a game-changer in the realm of web-browser security. Seamlessly integrating with existing security infrastructures, it offers minimal setup hassle and supplies invaluable telemetry data compatible with SIEMs and popular analytical tools. About NGS With its motto, "Be Transformative," NGS has made significant strides in the cybersecurity world, bridging the gap between emerging technology challenges and security solutions. Through strategic collaborations with top-tier vendors, NGS offers unparalleled security solutions tailored to modern business needs. Their holistic approach, focusing on delivering more for less, has made them a go-to for businesses seeking to bolster their digital defenses without breaking the bank. About Conceal Conceal is at the forefront of defending against web-based attacks, using innovative technology to detect, prevent, and shield businesses and individual users from ever-evolving online threats. ConcealBrowse operates on the principle of proactive protection. Its AI-powered intelligence engine, ConcealSherpa, runs at machine speed with virtually zero latency to identify potentially harmful webpages autonomously, stopping cyber attacks that take advantage of weaponized links. For more information, visit https://conceal.io/.

Read More

Network Threat Detection, Platform Security, Software Security

Coro Acquires Network Security Startup Privatise

Businesswire | July 27, 2023

Coro, the modern cybersecurity platform for mid-market organizations, today announced the acquisition of Privatise, an Israeli supplier of network security solutions for in-office and remote work. The acquisition adds critical SASE capabilities to Coro’s all-in-one platform and is part of an aggressive growth strategy, fueled by Coro’s $155M funding over the last 12 months, to expand the capabilities of Coro’s cybersecurity platform both organically and through strategic acquisitions. As the network edge continues to expand, Gartner predicts that by 2025, 80% of enterprises will have adopted a strategy to unify web, cloud services and private application access using a SASE/SSE architecture.** The challenge for mid-market organizations – who have lean IT teams, limited budgets and little to no cybersecurity expertise --is managing the cost and complexity typically associated with SASE implementations. With the Privatise acquisition, Coro now offers a single source of comprehensive security and protection -- all managed through a unified, cloud-based platform -- for any organizational configuration. Coro’s SASE solution includes military grade VPN, Secure RDP, ZTNA, Next Generation Firewall, DNS Filtering, and is fully integrated into Coro’s holistic security architecture, eliminating security gaps caused by siloed approaches to SASE. Whether a company’s assets are cloud first, on-prem, or hybrid, Coro can protect the user, the device they use, the network they connect through, their emails, and the data they access, use and share, all while ensuring compliance with critical supply chain and industry regulations. “Since its founding, Coro has focused on delivering a comprehensive, yet affordable and easy to use cybersecurity solution for mid-market companies,” said Guy Moskowitz, CEO, Coro. “By integrating Privatise’s SASE capabilities into our platform, we offer the industry’s first mid-market solution to deliver cloud-native, seamless and secure access to applications and resources regardless of location or device. We will continue to invest in Coro’s platform, both organically and through acquisition, to help companies strengthen their security posture and improve their operational efficiency.” The Privatise acquisition is the latest milestone in Coro’s growth and momentum. In April, the company announced a $75M funding round from Energy Impact Partners, bringing the total funding raised in the last 12 months to $155M. Coro projects it will grow 300% year-over-year in 2023, extending its extraordinary 300% annual growth record to a 5th year in a row. The Company’s modern approach to cybersecurity – delivering enterprise grade security through a single platform that unifies, simplifies and automates workloads -- has been validated by more than 5000 mid-market customers across every vertical industry. Over the past year, Coro tripled its revenue, customer and employee base, and signed more than 100 new channel partners. About Coro Coro provides modern cybersecurity that unifies comprehensive protection into a single platform. Coro empowers organizations to defend against malware, ransomware, phishing, data leakage, insider threats and email threats across devices, users, and cloud applications. More than 5,000 businesses depend on Coro for protection, unrivaled ease of use, and unmatched affordability. Coro’s cybersecurity platform automatically detects and remediates the many security threats that today's distributed businesses face, without IT teams having to worry, investigate, or fix issues themselves. In addition to Energy Impact Partners, investors in Coro include Balderton Capital, JVP, and Ashton Kutcher’s Sound Ventures.

Read More

Platform Security

Conceal Announces Strategic Partnership with Kompingo: Revolutionizing Web Security with the Next Generation of Protection

Business Wire | August 23, 2023

Conceal, renowned for its pioneering stance against web-based threats, today heralded its significant partnership with Kompingo, the UK's distinguished value-added distributor and managed security service provider. This collaboration signifies a major enhancement for Kompingo’s Managed Detection and Response (MDR) services, as it integrates Conceal’s patented zero-trust browser security into its offerings. "As the digital threat landscape rapidly evolves, strengthening our MDR and managed services capabilities remains paramount. Integrating Conceal’s browser security solution aligns perfectly with our ambition to offer our customers top-tier, holistic security solutions," commented Toby Caton, Director at Kompingo. “Conceal also allows us to offer the product as a stand-alone solution to our growing MSP partners and reseller base for them to enhance their offerings further, too.” Gordon Lawson, CEO of Conceal, further emphasized the partnership’s potential: "Kompingo's expertise in managed security services makes them an ideal partner. We’re confident that by infusing ConcealBrowse into their MDR offerings, we can provide users with unprecedented protection from web-centric threats." Together, Kompingo’s state-of-the-art Security Operations Centre and ConcealBrowse promise a robust defense against today’s sophisticated web threats. With Kompingo’s AI and machine learning-enhanced operations now complemented by Conceal's dynamic web content analysis, both organizations are poised to set a new benchmark in cybersecurity. About Conceal Conceal is at the forefront of defending against web-based attacks, using innovative technology to detect, prevent, and shield businesses and individual users from ever-evolving online threats. ConcealBrowse operates on the principle of proactive protection. Its AI-powered intelligence engine, ConcealSherpa, runs at machine speed with virtually zero latency to identify potentially harmful webpages autonomously, stopping cyber attacks that take advantage of weaponized links. For more information, visit https://conceal.io/. About Kompingo Situated at the crossroads of innovation and technology, Kompingo has etched its mark as a leading light in the IT security arena. Famed for its comprehensive managed services, Kompingo is dedicated to incubating IT security start-ups, nurturing technological advancements, and driving growth. Their plethora of services, spanning from co-managed and fully managed offerings to vCISO and penetration testing, makes them an indispensable ally in the cybersecurity domain. With a steadfast dedication to the Cyber Essentials Scheme and their top-notch Managed Detection and Response services, Kompingo remains a name synonymous with excellence.

Read More

Enterprise Security, Platform Security, Software Security

Conceal Enhances Browser Security in Strategic Partnership with NGS

Business Wire | August 17, 2023

Conceal, a forerunner in defending against web-based attacks, proudly announces its partnership with NGS, the UK's leading transformative cybersecurity solution provider. Through this collaboration, NGS clients will benefit immensely from Conceal's patented zero-trust browser solution, fortifying their web protection like never before. "As the cyber threat landscape evolves, it's crucial for businesses to be equipped with the most advanced tools to prevent potential breaches," said Jonathan Lassman, Founder and Director of NGS. "Integrating with Conceal allows us to provide our clients with a first-rate security solution that halts threats at the browser's doorstep, preventing data compromise and ensuring optimal user experience. We are thrilled about this partnership and ready to set new industry standards." Gordon Lawson, CEO of Conceal, shared, "NGS has proven its mettle in the cybersecurity arena, focusing on driving value and prioritizing user experience. This partnership will enable us to jointly address the sophisticated browser-based threats and challenges that modern businesses face. Together, we'll redefine web security for countless organizations." ConcealBrowse stands as a game-changer in the realm of web-browser security. Seamlessly integrating with existing security infrastructures, it offers minimal setup hassle and supplies invaluable telemetry data compatible with SIEMs and popular analytical tools. About NGS With its motto, "Be Transformative," NGS has made significant strides in the cybersecurity world, bridging the gap between emerging technology challenges and security solutions. Through strategic collaborations with top-tier vendors, NGS offers unparalleled security solutions tailored to modern business needs. Their holistic approach, focusing on delivering more for less, has made them a go-to for businesses seeking to bolster their digital defenses without breaking the bank. About Conceal Conceal is at the forefront of defending against web-based attacks, using innovative technology to detect, prevent, and shield businesses and individual users from ever-evolving online threats. ConcealBrowse operates on the principle of proactive protection. Its AI-powered intelligence engine, ConcealSherpa, runs at machine speed with virtually zero latency to identify potentially harmful webpages autonomously, stopping cyber attacks that take advantage of weaponized links. For more information, visit https://conceal.io/.

Read More

Network Threat Detection, Platform Security, Software Security

Coro Acquires Network Security Startup Privatise

Businesswire | July 27, 2023

Coro, the modern cybersecurity platform for mid-market organizations, today announced the acquisition of Privatise, an Israeli supplier of network security solutions for in-office and remote work. The acquisition adds critical SASE capabilities to Coro’s all-in-one platform and is part of an aggressive growth strategy, fueled by Coro’s $155M funding over the last 12 months, to expand the capabilities of Coro’s cybersecurity platform both organically and through strategic acquisitions. As the network edge continues to expand, Gartner predicts that by 2025, 80% of enterprises will have adopted a strategy to unify web, cloud services and private application access using a SASE/SSE architecture.** The challenge for mid-market organizations – who have lean IT teams, limited budgets and little to no cybersecurity expertise --is managing the cost and complexity typically associated with SASE implementations. With the Privatise acquisition, Coro now offers a single source of comprehensive security and protection -- all managed through a unified, cloud-based platform -- for any organizational configuration. Coro’s SASE solution includes military grade VPN, Secure RDP, ZTNA, Next Generation Firewall, DNS Filtering, and is fully integrated into Coro’s holistic security architecture, eliminating security gaps caused by siloed approaches to SASE. Whether a company’s assets are cloud first, on-prem, or hybrid, Coro can protect the user, the device they use, the network they connect through, their emails, and the data they access, use and share, all while ensuring compliance with critical supply chain and industry regulations. “Since its founding, Coro has focused on delivering a comprehensive, yet affordable and easy to use cybersecurity solution for mid-market companies,” said Guy Moskowitz, CEO, Coro. “By integrating Privatise’s SASE capabilities into our platform, we offer the industry’s first mid-market solution to deliver cloud-native, seamless and secure access to applications and resources regardless of location or device. We will continue to invest in Coro’s platform, both organically and through acquisition, to help companies strengthen their security posture and improve their operational efficiency.” The Privatise acquisition is the latest milestone in Coro’s growth and momentum. In April, the company announced a $75M funding round from Energy Impact Partners, bringing the total funding raised in the last 12 months to $155M. Coro projects it will grow 300% year-over-year in 2023, extending its extraordinary 300% annual growth record to a 5th year in a row. The Company’s modern approach to cybersecurity – delivering enterprise grade security through a single platform that unifies, simplifies and automates workloads -- has been validated by more than 5000 mid-market customers across every vertical industry. Over the past year, Coro tripled its revenue, customer and employee base, and signed more than 100 new channel partners. About Coro Coro provides modern cybersecurity that unifies comprehensive protection into a single platform. Coro empowers organizations to defend against malware, ransomware, phishing, data leakage, insider threats and email threats across devices, users, and cloud applications. More than 5,000 businesses depend on Coro for protection, unrivaled ease of use, and unmatched affordability. Coro’s cybersecurity platform automatically detects and remediates the many security threats that today's distributed businesses face, without IT teams having to worry, investigate, or fix issues themselves. In addition to Energy Impact Partners, investors in Coro include Balderton Capital, JVP, and Ashton Kutcher’s Sound Ventures.

Read More

More featured news