6 | Acquisition International, February 2025 Scalable Security with Waratek Waratek believes security should be scalable and is helping organisations achieve that with control through policy. Its Securityas-Code suite protects applications at scale for enterprises around the world. With an original focus on effecting changes in compilers to improve the efficiency of applications, the firm soon realised that it could do the same thing from a security perspective. We find out more as the company is recognized in the Global Excellence Awards 2025. Contact: Douglas Ennis, CEO Company: Waratek Web Address: Waratek.com Email: [email protected] As the leader in the next significant shift toward proactive security platforms, organisations of all sizes rely on Waratek’s solutions to prescriptively secure their business-critical applications to deliver financial services, supply chain management, and communications and entertainment platforms. Waratek is committed to building a unique application and API security company with a different approach. Rather than focusing on lagging indicators like network traffic and regex, the firm fixes vulnerabilities in the code while applications run, meaning security professionals and developers love these solutions for the low friction and ease of scalability. “We are changing the game for application security by using a fresh approach that tackles vulnerabilities like no one else can: within the code,” explains James E Lee, the Executive Vice President for Waratek. “We are deeply passionate about our work and the difference we make for our customers and community.” The firm’s journey began with a singular mission: to build the world’s best compiler. But on a fateful day back in 2014, a major financial institution challenged the company to solve SQL injection. Going back to the drawing board, the Founders discovered that they had accidentally created a groundbreaking way to fix vulnerabilities directly in the code. This pivot has positioned Waratek as a leader in runtime application self-protection (RASP). By tracing data flow through the application or API, Waratek can identify when untrusted network data interacts with vulnerable code, including open source, proprietary, and custom code. When such interaction occurs, Waratek instantly replaces the vulnerable code in memory with a remediated version. This real-time swap ensures future references to the code will use the remediated version, guaranteeing every request - not just one out of a thousand - is thoroughly protected as there’s no longer any vulnerability to exploit. That real-time security detects and eliminates threats in code at runtime without affecting performance in any way. Unlike traditional tools that rely on pattern matching or static signatures, Waratek’s lexical analysis and taint tracking to detect and remediate vulnerabilities in real time makes our solution uniquely effective against zero-days and runtime exploits like SQL injection. James elaborates: “Our technology delivers ultra-low false positives while providing nearperfect application protection that integrates seamlessly into enterprise workflows. “Organisations need solutions that are active, adaptable, and do not interfere with application functionality.” The company’s primary solution - Waratek Secure - offers the ability to block attacks against known and Zero Day vulnerabilities using rules that can be applied instantly without app downtime or source code changes. The same solution also allows teams to instantly remediate flaws by applying virtual patches, also without app downtime or source code changes. This approach allows teams to reduce time to protect apps or remediate flaws from months to minutes. Then there is Waratek Elevate that ensures legacy constraints don’t compromise security. Elevate virtually upgrades apps and APIs to meet compliance like TLS 1.2 and eliminate EOL version vulnerabilities. Elevate allows security teams to package legacy applications in a portable, infrastructure-agnostic container to take advantage of modern infrastructure innovations while meeting security and regulatory requirements, including ultralow performance overhead; enhanced performance in some apps; refreshed legacy platforms like Apache Tomcat and Weblogic; and automatic application of Java Critical Patch Updates. “Waratek secures legacy and modern applications alike, which helps us retain our customers long-term, our average install lasts over 4.5 years,” enthuses James. “Our platform is incredibly versatile, as demonstrated by our ongoing OEM agreements with multiple other platforms.” For its innovative solutions, Waratek recently gained notable recognition in the Global Excellence Awards 2025, receiving the status of Best Open-Source App Protection Solutions Provider 2025 – USA. Now, the firm has its sights firmly set on the future and is dedicated to continuing to innovate its offering to match the changing needs of the market, with a roadmap including advancements in shift-left security, which will help it secure applications from development through production.
RkJQdWJsaXNoZXIy NTY1MjM3