RASP is a technology that runs on a server and kicks in when an application runs. It’s designed to detect attacks on an application in real time. When an application begins to run, RASP can protect it from malicious input or behavior by analyzing both the app’s behavior and the context of that behavior. By using the app to continuously monitor its own behavior, attacks can be identified and mitigated immediately without human intervention.
Challenges
With so many vulnerable apps running in the enterprise, the challenge for network defenders is how to protect those apps from attack. One way is to have the applications protect themselves by identifying and blocking attacks in real time.
That’s what technology called Runtime Application Self-Protection (RASP) does.
How can this technology help you?
RASP incorporates security into a running application wherever it resides on a server. It intercepts all calls from the app to a system, making sure they’re secure, and validates data requests directly inside the app.
Both web and non-web apps can be protected by RASP. The technology doesn’t affect the design of the app because RASP’s detection and protection features operate on the server the app’s running on.
Advantages
Can both detect and block attacks on applications in real time
Cuts down on false positives and the noise typically generated by WAFs
Can deliver security that is better tailored to the app’s specific requirements without requiring changes to the application code
Can still monitor and protect an application’s security even as it is continually updated and further developed
Can protect the system even after the attacker has penetrated perimeter defenses
Provides actionable remediation information about where a vulnerability resides in the code (stack traces) to speed up remediation cycles
Request more information about RASP solutions
VENDORS
