<img height="1" width="1" style="display:none;" alt="" src="https://analytics.twitter.com/i/adsct?txn_id=nv7vl&amp;p_id=Twitter&amp;tw_sale_amount=0&amp;tw_order_quantity=0"> <img height="1" width="1" style="display:none;" alt="" src="//t.co/i/adsct?txn_id=nv7vl&amp;p_id=Twitter&amp;tw_sale_amount=0&amp;tw_order_quantity=0">

Web Application Security Blog

Using RASP to Make Bug Bounty Programs More Efficient

POSTED BY  Mike Milner on Feb 16, 2017
Feb 16 2017

Bug bounty programs have gained popularity throughout the tech industry, cropping up at tech giants such as Facebook, Google, and more recently Apple. The programs effectively crowdsource manual penetration testing (pen testing), allowing users...

Continue Reading ›

TOPICS     RASP

Improve Productivity Across Your Organization with RASP

POSTED BY  Richard April on Feb 09, 2017
Feb 09 2017

Every innovation today revolves around streamlining. We seek the fastest way to get from point A to point B, the fastest way to shop, pay, interact with each other and with other devices, etc. People simply do not have the time to spend that they...

Continue Reading ›

TOPICS     RASP

Stop Account Takeover in its Tracks

POSTED BY  Mike Milner on Jan 10, 2017
Jan 10 2017

It seems that everyday we see headlines announcing a data breach that resulted in theft of information for hundreds of thousands, millions, or even billions of users. These are clearly brand damaging headlines, and the numbers are certainly...

Continue Reading ›

TOPICS     RASP  Account Takeover  Stolen Credentials

4 Predictions for 2017 and Beyond

POSTED BY  Zaid Al Hamami on Jan 05, 2017
Jan 05 2017

1. Runtime Security Instrumentation finds more adoption

I talked previously about application runtime security instrumentation, of which IAST/RASP are the most well known applications. Both IAST/RASP, as well as application runtime security...

Continue Reading ›

TOPICS     AppSec Tools  RASP  Web Application Security

IAST, RASP, and Runtime Instrumentation

POSTED BY  Zaid Al Hamami on Jan 03, 2017
Jan 03 2017

The Application Security Testing (AST) technology market is made up of the following categories:

Continue Reading ›

TOPICS     Application Security  RASP

Web Application Health

POSTED BY  Mike Milner on Dec 22, 2016
Dec 22 2016

The reality of today’s world is that there is no clear perimeter to an organization’s information systems. That means that controlling the network edge is no longer the way to effectively secure web applications or an entire system. Access...

Continue Reading ›

TOPICS     RASP  Web Application Security

RASP and Security Against Internal Breaches

POSTED BY  Mike Milner on Dec 13, 2016
Dec 13 2016

As companies consider their application security posture, it is critical to remember that breaches can come from both outside and inside the company and its trust boundaries. Internal threats require just as much protection as external risks.

Continue Reading ›

TOPICS     Insider  Application Security  RASP

The Relationship Between RASP, Mobile Apps, and Web Service Infrastructure

POSTED BY  Mike Milner on Dec 01, 2016
Dec 01 2016

Mobile applications do not run on their own—almost every useful app is backed by one or more web services running in the background to perform most actions and to link them to enterprise systems. Even though you don’t really see this part, your...

Continue Reading ›

TOPICS     Vulnerabilities  RASP  Web Application Security  Mobile App Security

Framework Security: Building Self-Protecting Applications

POSTED BY  Oliver Lavery on Nov 29, 2016
Nov 29 2016

The problem with web security

Humans are, alas, highly fallible beings. While we are good at creativity and reason, we are pretty bad at mechanically applying rules and taking care of repetitive tasks. And what is web application security,...

Continue Reading ›

TOPICS     RASP  Web Application Security

RASP Adoption: A View From the Trenches (Part 3)

POSTED BY  Goran Begic on Nov 23, 2016
Nov 23 2016

In the first two parts of this three-part post I introduced basic concept surrounding runtime application self-protection (RASP) and how it differs from web application firewalls (WAF). In the second part, I discussed features and use cases that...

Continue Reading ›

TOPICS     Application Security  RASP  Web Application Security