To address shifting challenges and stay aligned with a faster pace of application development, Prevoty has architected a solution based on the principles of LANGSEC and delivered as a Runtime Application Self-Protection (RASP) tool.
This innovative model presents a significant change in the way application security is delivered to the enterprise.
Keep reading to learn more about the science behind this award-winning technology.
Runtime application self-protection (RASP) is a radically effective new entrant in the application security space.
Traditional solutions like static application security testing (SAST), dynamic application security testing (DAST), and interactive application security testing (IAST) focus on the development and testing side. Web application firewalls (WAFs) and next-generation web application firewalls built on rulesets and signature lists rely on a blacklist-versus-whitelist perimeter approach.
RASP focuses on protecting applications from within, both in production and at runtime. Depending on the nature of the implementation, RASP transforms or blocks malicious or malformed content, database queries, and token activity. A RASP’s coverage, performance, integration and real-time alerting capabilities will also vary depending on deployment.
Gartner defines runtime application self-protection (RASP) as “a security technology built or linked into an application runtime environment to control execution and prevent real time attacks.”
RASP solutions are tightly coupled with the application code constructs that are susceptible to exploitation. Instead of blindly guessing whether a particular payload will (or will not) exploit the code, RASP inspects the complete (and often transformed) data in the context of how the application will use it.
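As an added illustration of that last point (a constructed toy, not Prevoty's engine or any RASP product's code): the hook below sits where the query leaves the application, sees the parameter as the application actually uses it (URL-decoded and concatenated into the statement), and asks, LANGSEC-style, whether the untrusted value was consumed as a single literal of the SQL grammar or whether it altered the statement's structure. The lexer, the query template and the parameter values are all assumptions made for the example.

```python
import re
from urllib.parse import unquote_plus

# Toy SQL lexer written for this example; only token boundaries matter. The LANGSEC-style
# question is whether each untrusted value became exactly one terminal (a literal) of the statement.
_TOKEN = re.compile(r"""
    (?P<ws>\s+)
  | (?P<comment>--[^\n]*|/\*.*?\*/)
  | (?P<string>'(?:[^']|'')*')
  | (?P<number>\b\d+(?:\.\d+)?\b)
  | (?P<word>[A-Za-z_][A-Za-z0-9_]*)
  | (?P<punct>[^\sA-Za-z0-9_'])
""", re.VERBOSE | re.DOTALL)

def tokenize(sql):
    """Yield (kind, start, end); a stray char such as an unterminated quote is 'other'."""
    pos = 0
    while pos < len(sql):
        m = _TOKEN.match(sql, pos)
        if m is None:
            yield "other", pos, pos + 1
            pos += 1
            continue
        if m.lastgroup != "ws":
            yield m.lastgroup, m.start(), m.end()
        pos = m.end()

def input_breaks_structure(sql, untrusted_values):
    """True when some untrusted value is not contained in a single literal token.
    Substring search stands in for the taint tracking a real RASP uses, so very
    short values that also occur inside keywords may be flagged."""
    literals = [(s, e) for kind, s, e in tokenize(sql) if kind in ("string", "number")]
    for value in untrusted_values:
        start = sql.find(value) if value else -1
        while start != -1:
            end = start + len(value)
            if not any(s <= start and end <= e for s, e in literals):
                return True
            start = sql.find(value, end)
    return False

def guarded_execute(raw_param, execute):
    """Runtime hook: inspects the parameter as the app uses it (URL-decoded and
    concatenated), not the raw request, and returns 'blocked' instead of calling the driver."""
    name = unquote_plus(raw_param)                            # the app's own decoding step
    sql = "SELECT id FROM users WHERE name = '" + name + "'"  # unsafe concatenation the hook guards
    if input_breaks_structure(sql, [name]):
        return "blocked"
    return execute(sql)
```

A signature rule applied to the raw, still-encoded request never sees this final statement; the hook does, which is the "complete and transformed data" the paragraph refers to.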
Proactively surfaces real-time attacks in production, with few false positives.
Works with all types of applications, including secondary ones (third-party, legacy, support, etc.).
Mitigates vulnerabilities by neutralizing threats at runtime -- without needing to alter source code.
Dramatically lowers your application's risk of code injection attacks like XSS, CSRF and SQLi.
With RASP, up to 95% of an Application Security Testing (AST) vulnerability backlog may not need remediation, because an attack on those vulnerabilities in production is neutralized automatically.
Implementing RASP in monitoring mode lets you distinguish potential from actual vulnerabilities by surfacing real (not theoretical) attacks in your SIEM, logs, WAF, etc.
Push applications into production faster without worrying about vulnerabilities. Use Prevoty during the design/test phase to see what an application will do at runtime (database calls, file reads and writes, login/logout, etc.).
Security and Development teams can coordinate even during agile and continuous development. Prevoty also centralizes security administration across multiple application development units.
RASP instantly protects older, perhaps non-compliant legacy applications that do not have active development or dedicated remediation resources.
External protections like IPS and WAF serve as the front line, while RASP waits -- inside the application -- to intercept inputs and analyze how they interact with internal processes. RASP is the final line of defense.
RASP plugins and SDKs can be an effective part of a proactive secure coding training program.
With runtime protection, PCI compliance becomes fast to achieve, accurate, and simple to maintain.
Prevoty has developed a high-performance RASP solution based on the LANGSEC methodology.
It supports applications at any stage of development: new potential releases, existing deployments, third-party and legacy applications.
By automatically neutralizing actual cross-site scripting (XSS), SQL injection (SQLi) and cross-site request forgery (CSRF) attacks, applications can now self-defend against 95% of gateway attacks.