- RASP a security technology that is built into an application and can detect and then prevent real-time application attacks.
- RASP comes into play when the application is executed (runtime), causing the program to monitor itself and detect malicious input and behavior.
- By moving beyond security only at the perimeter of a network or an endpoint, RASP enables applications to defend themselves.
- No modification to your applications (say Java) is required to have RASP. You need to use instrumented Java libraries to get the RASP protection.
- Gartner predicts that it is an emerging technology that is in innovation stage compared to Web Application Firewalls (WAFs) which are in the enlightenment stage.
- There are performance implications to RASP: Calls to the security libraries add overhead.
Gartner, Earl Perkins, Top Security Trends for 2015-2016