Runtime Application Self Protection (RASP) is a security solution designed to provide personalized protection to applications. It takes advantage of insight into an application’s internal data and state to enable it to identify threats at runtime that may have otherwise been overlooked by other security solutions.
RASP wraps around and protects a particular application, rather than a general network-level or endpoint-level defensive solution. This more targeted deployment location enables RASP to monitor the inputs, outputs, and internal state of the application that it is protecting. By deploying RASP, developers can identify vulnerabilities within their applications. Additionally, the RASP solution can block attempts to exploit existing vulnerabilities in deployed applications.
RASP’s focused monitoring makes it capable of detecting a wide range of threats, including zero-day attacks. Since RASP has insight into the internals of an application, it can detect behavioral changes that may have been caused by a novel attack. This enables it to respond to even zero-day attacks based upon how they affect the target application.
RASP differs from other cybersecurity solutions in its level of focus on a single application. This focus enables it to provide a number of security benefits:
RASP’s flexibility means that developers can integrate it with many different applications. However, certain RASP use cases are more common, such as:
RASP can help to dramatically increase the resiliency of an organization’s applications; however, it needs to be integrated into the application development and deployment process to do so. To learn more about deploying RASP, contact us. You’re also welcome to request a demo to see Check Point’s web application security solution in action.