Waratek, a pioneer in the next generation of application security solutions, announced a new false positive guarantee tied to the Waratek Application Security Platform. For every instance of a false positive generated for the Open Web Application Security Project (OWASP) Top Ten, Waratek is offering customers $10,000.
According to the Ponemon Institute, the average labor cost of chasing false security alerts is $25,000 per week. That doesn’t represent all false alarms for a typical enterprise – that’s the cost associated with the investigation of just four percent (4%) of such alerts. Organizations spend an average of 395 hours each week responding to false positives.
“Current application security technologies rely on heuristics that generate false positives,” said John Matthew Holt, founder and chief technical officer. “That’s not the case with our Application Security Platform. Our patented technology is based on virtualization techniques that allow us to determine if an operation is an attack or a permissible request with pinpoint 100% accuracy.”
The guarantee of no false positives is based on the 2013 OWASP Top Ten list of security flaws. In the event Waratek identifies a permissible action as a false positive on a live system, the company will issue a credit in the amount of $10,000 per unique event. During the nearly two years the patented Waratek Application Security Platform technology has been in global production, it has never produced a false positive.