
RASP rings in a new Java application security paradigm

JavaWorld | By Hussein Badakhchani

Runtime Application Self Protection (RASP) is a next-generation cyber security technology designed to redress some of the weak points of application security. Unlike firewalls or code analysis, runtime-based technologies contain application data and contextual awareness, enabling them to be both precise and preemptive.

In this article I introduce RASP. I’ll briefly compare RASP to other cyber security techniques and explain the factors that enable a runtime-based security solution to fend off common forms of cyberattack, including command injection, cross-site scripting, and SQL injection. I’ll also introduce the characteristics of different RASP implementations and briefly discuss existing RASP solutions for Java-based applications.


Java vendors for RASP

Currently the three top vendors for Java-based RASP solutions are Contrast Security, Prevoty, and Waratek. Contrast’s implementation is instrumentation-based, Waratek’s is fully virtualized with container-based RASP, and Prevoty offers a plugin and an SDK.

Waratek won the coveted RSA Innovation Sandbox Award in 2015, and Prevoty was a finalist in 2016. All three vendors have accumulated a number of other security and innovation awards. These vendors have announced commercial engagements and partnerships that set the stage for enterprise-scale RASP deployments into production environments. Waratek is the only vendor that can boast of a large-scale production deployment with a Tier 1 global investment bank, the most significant deployment of RASP that exists for Java technology today.

