Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
Runtime application self-protection (RASP) is a security technology that enables an application to protect itself by identifying and blocking any malicious attacks in real time. The protection resides within the application’s runtime environment and intercepts all calls to determine if they are secure.
Runtime application self-protection provides tamper detection capabilities, and adds protection features into an application’s runtime environment, hence increasing the level of protection against malicious attacks.
Runtime application self-protection is either linked to, or built into the application or the application’s runtime environment. It is then customized to automatically terminate a session, repair altered code, and alert the admin or security personnel in response to attacks, threats or other certain conditions.
There are various ways of applying RASP:
RASP provides a detailed view into the actions of the system, such as insight into application configuration, logic, event flows and data. This helps to improve security accuracy by detecting and preventing attacks. With self-protecting data, the data remains protected throughout, from the time the data is created to the time it is destroyed, and everything in between. The self-protecting data helps organizations meet some regulatory requirements. Furthermore, if the self-protected data is stolen, hackers cannot read or use the data.
However, RASP must be added to each individual operating system or device it is to protect, making scalability and language dependence a challenge.
By having visibility into an application’s logic, data and events flow, RASP is able to accurately detect, block and report attacks, and thereby ensure a safe environment for the applications and data.