Cisco CloudCenter: Get the Hybrid IT Advantage

Runtime Application Self-Protection (RASP)

Definition - What does Runtime Application Self-Protection (RASP) mean?

Runtime application self-protection (RASP) is a security technology that enables an application to protect itself by identifying and blocking any malicious attacks in real time. The protection resides within the application’s runtime environment and intercepts all calls to determine if they are secure.

Runtime application self-protection provides tamper detection capabilities, and adds protection features into an application’s runtime environment, hence increasing the level of protection against malicious attacks.

Techopedia explains Runtime Application Self-Protection (RASP)

Runtime application self-protection is either linked to, or built into the application or the application’s runtime environment. It is then customized to automatically terminate a session, repair altered code, and alert the admin or security personnel in response to attacks, threats or other certain conditions.

There are various ways of applying RASP:

  • Precise security checks, determined by developers, to protect certain portions of code such as the administrative functions, logins and database queries
  • Securing the application using third-party software in which the RASP plug-ins for .NET and Java determine when the protection is required
  • Add-ons that provide self protection usually come into play when the application is executed, enabling the application to monitor itself, detect any malicious activity and defend itself in real time.

RASP provides a detailed view into the actions of the system, such as insight into application configuration, logic, event flows and data. This helps to improve security accuracy by detecting and preventing attacks. With self-protecting data, the data remains protected throughout, from the time the data is created to the time it is destroyed, and everything in between. The self-protecting data helps organizations meet some regulatory requirements. Furthermore, if the self-protected data is stolen, hackers cannot read or use the data.

However, RASP must be added to each individual operating system or device it is to protect, making scalability and language dependence a challenge.

By having visibility into an application’s logic, data and events flow, RASP is able to accurately detect, block and report attacks, and thereby ensure a safe environment for the applications and data.

Share this:

Connect with us

Email Newsletter

Join thousands of others with our weekly newsletter

The 4th Era of IT Infrastructure: Superconverged Systems
The 4th Era of IT Infrastructure: Superconverged Systems:
Learn the benefits and limitations of the 3 generations of IT infrastructure – siloed, converged and hyperconverged – and discover how the 4th...
Approaches and Benefits of Network Virtualization
Approaches and Benefits of Network Virtualization:
Businesses today aspire to achieve a software-defined datacenter (SDDC) to enhance business agility and reduce operational complexity. However, the...
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.