What it is and how it works
RASP security products integrate with an application to prevent attacks at runtime by analyzing traffic and end user behavior. When RASP products detect an attack, they issue alerts, block application execution for individual requests, and sometimes virtually patch the application to prevent further attack. RASP solutions are not an application security silver bullet. They should complement, rather than replace, your testing strategy.
- Code-level visibility into applications beyond what a web application firewall (WAF) provides
- Both passive and active incident response features (e.g., monitoring/alerting and blocking modes)
- Ability to be configured to log, alert, and block what it identifies as attacks
- Support for many languages and platforms
- Autonomous operation, with an on-premises remote server or no remote connectivity whatsoever
- Coverage for a broad set of vulnerabilities
SAST, IAST, DAST, and RASP—you may not need them all, but any savvy DevSecOps organization will want at least two in their application security toolkit. With tools that complement one another, your teams can inject security into the SDLC at the speed that software development demands today.