System Hardening against common vulnerabilities
Vulnerability Overview
In some situations, an attacker can escalate a particular security vulnerability to compromise the underlying server or other backend infrastructure. This is true for various security vulnerabilities that Waratek offers dedicated protection for, such as Path Traversal and XML External Entity (XXE) injection.
How Waratek’s Protection Works
For a specific security vulnerability, whether there is a dedicated Waratek rule that targets the vulnerability or not, it is possible to significantly reduce the impact of the vulnerability by using Waratek's system hardening rules.
For example, by using the ARMR Filesystem rule (File I/O Security Feature) and the ARMR Socket rule (Socket Control Security Feature) it can be possible to harden the system and prohibit the vulnerable application to access unwanted resources.
Please refer to the Waratek User Guide for more information about the Filesystem and Socket rules.
Protective Action
When a filesystem or network resource is accessed that is not allowed by a Filesystem or Socket rule then the IO operation is terminated and an exception is thrown according to the operation’s API.
Rule Applicability
The Filesystem and Socket rules can be enabled on any Java application.