What Does Runtime Application Self-Protection (RASP) Mean?
Runtime application self-protection (RASP) is a security technology that enables an application to protect itself by identifying and blocking any malicious attacks in real time. The protection resides within the application’s runtime environment and intercepts all calls to determine if they are secure.
Runtime application self-protection provides tamper detection capabilities, and adds protection features into an application’s runtime environment, hence increasing the level of protection against malicious attacks.
Techopedia Explains Runtime Application Self-Protection (RASP)
Runtime application self-protection is either linked to, or built into the application or the application’s runtime environment. It is then customized to automatically terminate a session, repair altered code, and alert the admin or security personnel in response to attacks, threats or other certain conditions.
There are various ways of applying RASP:
- Precise security checks, determined by developers, to protect certain portions of code such as the administrative functions, logins and database queries
- Securing the application using third-party software in which the RASP plug-ins for .NET and Java determine when the protection is required
- Add-ons that provide self protection usually come into play when the application is executed, enabling the application to monitor itself, detect any malicious activity and defend itself in real time.
RASP provides a detailed view into the actions of the system, such as insight into application configuration, logic, event flows and data. This helps to improve security accuracy by detecting and preventing attacks.
With self-protecting data, the data remains protected throughout, from the time the data is created to the time it is destroyed, and everything in between.
The self-protecting data helps organizations meet some regulatory requirements. Furthermore, if the self-protected data is stolen, hackers cannot read or use the data.
However, RASP must be added to each individual operating system or device it is to protect, making scalability and language dependence a challenge.
By having visibility into an application’s logic, data and events flow, RASP is able to accurately detect, block and report attacks, and thereby ensure a safe environment for the applications and data.