Case Study: Global Financial Services Company achieves no-downtime application security with Waratek virtual patching

Saving Time and Costs with Virtual Patching

Global Financial Services Company, a global financial services institution, needed a way to keep hundreds of internal Java web applications secure without the high cost and operational disruption of frequent traditional patching. After evaluating the environment, the company found that quarterly vulnerability patching across multiple Java versions would require significant staff time, money, and risk to customer-facing operations. It selected Waratek and its virtual patching approach to address the challenge without code changes.

Waratek integrated into the company’s application hosting platform and applied virtual patches equivalent to Oracle Critical Patches while the applications remained in production. The results included no false positives over two years in unconditional blocking mode, emergency virtual patches delivered in under 24 hours for critical issues such as Struts 2, and only about 3% performance overhead under attack. With Waratek, the company reduced patching burden, improved security, and freed staff to focus on improving applications and infrastructure.