Understanding and Selecting RASP 2019 Research PaperBy Adrian Lane
So what is RASP? Runtime Application Self-Protection (RASP) is an application security technology which embeds into an application or application runtime environment, examining requests at the application layer to detect attacks and misuse in real time. RASP functions in the application context, which enables it to monitor security – and apply controls – very precisely. This means better detection because you see what the application is being asked to do, and can also offer better performance, as you only need to check the relevant subset of policies for each request.
There is no lack of data showing that applications are vulnerable to attack. Many applications are old and simply contain too many flaws to fix. You know, that back-office application that should never have been allowed on the Internet to begin with. These applications are often unsupported, with the engineers who developed them no longer available, or the platforms so fragile that they become unstable if security fixes are applied. In most cases it would be cheaper to re-write the application from scratch than patch all the issues, but economics seldom justify (or even permit) the effort. Other application platforms, even those considered ‘secure’, are frequently found to contain vulnerabilities after decades of use. Heartbleed, anyone? New classes of attacks, and even new use cases, have a disturbing ability to unearth previously unknown application flaws. We see two types of applications: those with known vulnerabilities today, and those which will have known vulnerabilities in the future.
But the real audience for this technology is developers who want to build security into their applications. As more and more software development shops embrace automation, RESTful APIs are no longer optional. Security need to be as automated and agile as development teams. Tooling that can both embed into the application stack for scalability and deployment, as well as help isolate which bits of code are truly vulnerable, are needed more than ever before. RASP is getting to be a mature product class and delivering security in the development pipeline and in production.
You can download our 2019 updated version of our Understanding and Selecting RASP paper on the link below: