Free Trial enabled.

Waratek Locker enables you to secure your applications, providing Runtime Application Self Protection (RASP), that is within your own control. Waratek Locker is a secure container where you can upload your existing applications and, with no code changes, protect your application and environment against business logic and network layer threats such as SQL injection and Zero Day attacks. Vulnerability exploitations protected against include the following :

1. Attacks leveraging unsecured code (including 3rd party libraries)
2. Insertion of malicious code into runtime environment
3. Unauthorized attempts to extract information from database backends

For a detailed description of the rule-based engine and further information about Locker please visit: www.waratek.com/locker

Secure Tomcat container for runtime protection of Java applications and environment

Waratek Locker consists of Apache Tomcat 7 and Waratek Application Security for Java, an enterprise level Oracle compliant implementation of the Java Standard Edition (SE) 6 specification, that provides Run-Time Application Self-Protection for Java applications and environment against business logic and network layer attack vectors.

Any application launched inside Tomcat 7 will execute in the Waratek Locker runtime environment and employs a rule-based engine to manage and deploy the security features.

The Waratek rule file is pre-configured with rules that block malicious attacks through Tomcat controlling:

• File access -> Restrict application's read/write/execute access to only required files and directories
• Network access -> Restrict application's access to only required network features
• SQL injection -> Run your application in 'learn mode' or 'block mode'
• Advanced protection -> Restrict class linking, reflection, throwables, and more

To author your own custom security rules you can download a free tool from our website: www.waratek.com/rules