Emerging from research labs into the dynamic and highly competitive Fintech Sector in 2012-13, Runtime Application Self Protection (RASP), a term used by Gartner to describe security technology that is embedded within an application, is now being taken seriously by forward looking Investment Banks with a culture of technical innovation, writes Hussein Badakhchani.
A number of FinTech start-ups managed to partner with Global Investment Banks through the innovation programmes that these institutions sponsor and now in 2016 the first fruits of these endeavours have reached maturity with RASP technologies running on production infrastructure, in some cases for well over a year, securing a broad range of retail and back office applications.
This is significant as the proponents of RASP were making some big claims for the technology that many in the Cyber Security industry were highly sceptical of. RASP promised to solve some of the most significant deficiencies found in traditional Web Application Firewalls, namely the complexity of managing large numbers of highly specific rules and perhaps more importantly the large numbers of false positives generated by this approach. Over the last year however, confidence in the claims being made by RASP vendors has strengthened significantly as RASP has proven its worth to the early adopters of the technology and this development has not been missed by their more cautious peers in the industry.
The key capabilities of RASP and the business benefits they translate into are Precision Application Protection, Virtual Patching and Zero Day Vulnerability Mitigation.