Waratek takes on SQL injections with new RASP approach

Companies looking to protect their Web applications from SQL injection attacks typically install a firewall in learning mode and train it to recognize attacks. It’s not a perfect solution, but it’s been the best available.

But now Dublin-based vendor Waratek claims to have completely solved the problem with a cutting-edge approach that Gartner calls Runtime Application Self-Protection.

“Initially, we were pretty skeptical,” said Eoin Keary, founder of BCC Risk Advisory, also based in Ireland.

Keary has been a global board member of the Open Web Application Security Project for five years and wrote the OWASP Code Review Guide.

“My company was asked by Waratek to assess their solution and try to break the software,” he said. “We break software very well. We used very advanced contractors, attack vectors to bypass firewalls, the types of attack vectors used by very advanced exploitation attempts.”

To read this article in full or to leave a comment, please click here