What is Runtime Application Self Protection(RASP)

What is RASP?

RASP stands for Runtime Application Self Protection, it is a technology that secures applications in runtime. RASP starts whenever any application configured with RASP executes and it protects the application in real-time.

RASP intercepts all the calls between the app and the system validates them and makes sure they are secure. Whenever there is a security incident happened RASP blocks it or logs it based on the configuration

For example, when any admin functions are accessed due to some vulnerability RASP blocks the call and based on configuration it might also terminate the session. Similarly, let’s say there is a SQL injection request that will be blocked and the session will be terminated.

Firewalls usually understand the data between client to server or application but they are out of scope for the application and internal data so if there is a vulnerability getting exploited internally like SSRF or buffer overflow then firewalls fail but RASP blocks those requests and terminates the session

How to implement RASP?

RASP can be implemented in two ways

In the code
Wrapper around the application

In the code:

In this way, the developer inserts the points where the protection is needed like database queries and logins and this is more accurate as the developers know what information needs to be protected.

Wrapper around the application:

In this way, the application was completely built and RASP will be wrapper around the application

Different modes in RASP:

Monitor
Protection

Monitor:

In monitor mode whenever the security incident occurs RASP will raise alerts and RASP won’t block any attack

Protection:

In protection mode whenever a security incident occurs RASP will block the attacks and send alters to security personnel based on configuration.

RASP helps in BYOD, and mobile protection where the connection to guests is high in number. With all the benefits of RASP, there is a downside which is performance. Depending on how you implemented RASP, application performance will take a hit.

Keeping everything aside RASP is one of the best tools that we have in information security.

Some of the tools related to RASP are Tcell, Sqreen, OpenRASP, and Imperva.

0 Shares

Security Diaries All About Security

X-Frame Options Missing, don’t let your button miss the click

Memory Segmentation In a Nutshell

Securing Cookies. Beyond document.cookie

Everything a Security Analyst need to know about FAT File System

Hackers using Facebook messenger to mine cryptocurrency

Hackers using wordpress websites to mine cryptocurrency

Everything you need to know about Block Chain Technology

What is Active Directory: Basics of Active Directory

How to find IP address of anyone

What is TCP/IP stack

Free Malware scanners for WordPress

What is Supply Chain Attack: The Attack That Keeps Every WordPress Site Vulnerable

Hackers using wordpress websites to mine cryptocurrency

Captcha Plugin Installs Backdoor in 3 Lakh wordpress websites

What is Active Directory: Basics of Active Directory

Understanding permissions in windows

NTFS File System Basics and Structure

Everything you need to know about File System Basics as a Forensic Analyst

What is UFS – Unix File System and ext Family

NTFS File System Basics and Structure

Everything you need to know about File System Basics as a Forensic Analyst

How to access Dark Web or Deep Web for noobs

NTFS File System Basics and Structure

Everything you need to know about File System Basics as a Forensic Analyst

How to access Dark Web or Deep Web for noobs

What is Runtime Application Self Protection(RASP)

Related Articles

About Manindra Simhadri

Leave a Reply Cancel reply