Waratek has released a security rules update in coordination with the quarterly Critical Patch Update (CPU) for Java released by Oracle on Tuesday, July 20th. Waratek customers may immediately apply the patch to their Java applications without taking their apps out of production.
This quarter's Oracle CPU includes 13 important security updates for Java SE, more than half of which are remotely exploitable over a network with high-severity CVSS Scores between 7.0 and 10.0. Click for full details.
“Our customers and other application owners really do need to apply these Java CPU patches as soon as possible,” advised Waratek CTO & Co-Founder John Matthew Holt. “Oracle's Java Team has been making tremendous efforts over the last several years to rapidly respond to Java security issues. The escalating necessity for advanced cybersecurity programs is driving the need for faster time-to-remediation for all types of security issues, and Java is no exception.”
By updating the Waratek rules engine to address these high risk vulnerabilities, customers using the company’s Runtime Application Self-Protection (RASP) solution are able to virtually patch their workloads to remediate the severe vulnerabilities included in the physical Oracle CPU. Unlike traditional patching processes, virtual patching does not require applications protected within a Waratek secure, virtual container to be taken out of production to get the benefits of vulnerability updates.
“It’s important that businesses apply these patches as soon as possible to help ensure they don’t fall victim to an attack. According to Verizon, 85% of successful exploits involve the Top 10 known vulnerabilities that have not been patched despite fixes being available from Oracle for months or years. Virtual patching allows large, medium, and small businesses to automate their CPUs – saving time and money that can be better spent on higher value activities – and mitigate the risks that come from delaying the upgrade to the latest security protections,” noted Holt.
About Waratek
Waratek is a pioneer in the next generation of application security solutions known as Runtime Application Self-Protection or RASP. Waratek’s RASP solutions are highly accurate, easy to install, simple to operate, and do not slow application performance – providing protection against known and unknown vulnerabilities in current and legacy software.
Waratek has received ten industry awards, including the 2015 RSA Conference’s Innovation Sandbox Award. Waratek Ltd is based in Dublin, Ireland and serves EMEA. Waratek Inc, is based in Atlanta, Georgia and serves the Americas. For information visit Waratek.com.
