The Pros and Cons of RASP in 8 Minutes

There are two concerning data points in application security today. First, the Verizon Data Breach Investigation Report identified web applications as the leading cause of confirmed breaches in 4 of the last 5 years. Second, the DevSecOps 2018 Community survey found that even among high-performing DevOps organizations, 33% of organizations experienced or suspected a web breach in the last 12 months. Clearly, web applications and APIs are being left undefended.

To defend applications at runtime, a new class of defense was born under the name of Runtime Application Self Protection, or RASP, mostly due to the failures of web application firewalls to solve similar problems. While this new space has been up-and-coming for a few years, the truth is this: most RASP approaches don’t get it right. In this video we break down RASP architecture limitations and evaluate the main areas that many RASP solutions struggle with, including:

Deployment limitations and coverage issues
Performance impact and overhead
Compromised reliability due to complexity

At Signal Sciences, we provide a RASP that is flexible in deployment, has the lowest performance impact in the market and delivers a highly scalable and reliable solution trusted by the largest companies on earth. In short, Signal Sciences has a RASP that gets it right.