RASP is a technology that runs on a server and kicks in when an application runs. It’s designed to detect attacks on an application in real time. When an application begins to run, RASP can protect it from malicious input or behavior by analyzing both the app’s behavior and the context of that behavior. By using the app to continuously monitor its own behavior, attacks can be identified and mitigated immediately without human intervention.
With so many vulnerable apps running in the enterprise, the challenge for network defenders is how to protect those apps from attack. One way is to have the applications protect themselves by identifying and blocking attacks in real time.
That’s what technology called Runtime Application Self-Protection (RASP) does.
RASP incorporates security into a running application wherever it resides on a server. It intercepts all calls from the app to a system, making sure they’re secure, and validates data requests directly inside the app.
Both web and non-web apps can be protected by RASP. The technology doesn’t affect the design of the app because RASP’s detection and protection features operate on the server the app’s running on.