Programming languages are becoming more powerful and capable, and applications more porous than before. Evolving constraints, patterns and definition lists make validating data inputs and preventing injections while maintaining performance unwieldy and difficult. Nobody wants vulnerabilities, but with the rise of Agile DevOps, security is usually playing catch-up.
New embedded runtime security tools coined Runtime Application Self-Protection (RASP) are enabling developers and security admins to see beyond potential vulnerabilities and identify actual attacks that hit applications in production. This talk will introduce RASP based on the LANGSEC methodology and its mission to align security and DevOps – giving both teams the visibility and automation they need to work in synchrony.
What You’ll Learn
- Discover how automated security tools can seamlessly integrate with existing Continuous Integration/Continuous Development DevOps processes
- How to gain visibility into complex, live application attacks in production and shift the paradigm from potential vulnerabilities to real threats
- How we are using runtime security to automatically neutralize 98% of vulnerabilities in production — even for legacy or third-party code