RASP

Runtime Application Self-Protection (RASP)

What Is Runtime Application Self-Protection (RASP)?

Runtime application self-protection (RASP) is a security technology that is built or linked into an application runtime environment, and is capable of controlling application execution and detecting and preventing real-time attacks.

Why Do Your Applications Need Runtime Application Self-Protection (RASP)?

As the number of applications running in distributed or untrusted environments continues to rise, so do the frequency, sophistication and severity of security threats. The following are some examples of applications that run in distributed or untrusted environments:

  • Mobile applications (Mobile Banking/Payments, Corporate Apps, Healthcare, Digital Media, Gaming, etc.)
  • Packaged software (ISV, Gaming, Digital Media, etc.)
  • Embedded software / “Internet of Things” (Connected wearable devices, Connected Homes, Connected Cities & Transportation, etc.)
  • Software running in untrusted environments (Cloud / Third-party Datacenter, Emerging Markets, etc.)

Legacy technologies do not provide adequate runtime protection for the above applications. Without Runtime Application Self-Protection (RASP), external malicious apps can intercept the execution of a genuine application at runtime and modify it for nefarious activities.

“Infrastructure and perimeter protection technologies inherently lack insight into application logic and configuration, event and data flow, executed instructions and data processing. Thus, they lack the necessary means to ensure accurate detection of application vulnerabilities and protection against application-level attacks.” – Gartner Maverick Research [1]

Following secure coding and traditional app security best practices as part of the SDLC is recommended to protect applications against runtime attacks. However, these practices are not sufficient to safeguard applications against sophisticated runtime attacks. Also, developers are not necessarily security experts.

Leading analysts and industry experts are emphasizing the need for Runtime Application Self-Protection (RASP), a security technology that is built or linked into an application or application runtime environment, and is capable of controlling application execution and detecting and preventing real-time attacks.

“Apps must be capable of security self-testing, self-diagnostics and self-protection. It should be a CISO top priority.” – Gartner Maverick Research [1]

“It (‘application hardening and runtime protection’) is a critical component in the strategy to secure enterprise software, embedded systems, mobile apps and the much-bandied ‘Internet of Things’.” – 451 Research

How Does Arxan Implement Runtime Application Self-Protection (RASP)?

Arxan’s application protection enables Runtime Application Self-Protection (RASP) measures inside the application using its unique Detect-React methodology. These proactive measures detect runtime attacks via a range of techniques, and respond to those attacks with customizable actions.

Arxan’s Runtime Application Self-Protection (RASP) employs the following security measures to address today’s sophisticated runtime attacks:

  • Verify application code and data integrity at runtime
  • Accurately identify and prevent attacks, given visibility into an application’s logic and data flow
  • Check to ensure that the application is running in a safe environment (e.g., detecting whether the app is running on a jailbroken/rooted device, or whether a debugger is attached that could enable attackers to examine the program while it is running)
  • Detect malicious activity from other running apps that use swizzling or hooking
  • Respond to runtime attacks with customizable actions, which may include:
    • Replacing tampered code with the original code during runtime
    • Exiting the application safely when a runtime attack is detected
    • Alerting monitoring systems that an attack has happened
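
The detect-and-react pattern in the list above (integrity check, hook detection, then restore, exit or alert) can be sketched in a few lines. This is an added illustration in Python, not Arxan's code or API; `Guard`, `fingerprint`, `transfer` and the simulated hook are hypothetical names and constructed sample data.

```python
import hashlib
import types

def transfer(amount, limit=1000):          # constructed sample of protected logic
    return amount <= limit

def fingerprint(func):
    """Hash what defines a function's behaviour: bytecode, constants, defaults."""
    code = func.__code__
    digest = hashlib.sha256(code.co_code)
    digest.update(repr((code.co_consts, code.co_names, func.__defaults__)).encode())
    return digest.hexdigest()

class Guard:
    """Hypothetical detect-react guard for one function in a namespace dict."""
    def __init__(self, namespace, name, reaction="restore"):
        self.ns, self.name, self.reaction = namespace, name, reaction
        self.func = namespace[name]
        # Code objects are immutable, so this reference is a safe known-good copy.
        self.good_code, self.good_defaults = self.func.__code__, self.func.__defaults__
        self.baseline = fingerprint(self.func)
        self.alerts = []                   # stand-in for a monitoring system

    def check(self):
        current = self.ns.get(self.name)
        if isinstance(current, types.FunctionType) and fingerprint(current) == self.baseline:
            return True                    # Detect: binding and code both intact
        self.alerts.append(f"integrity violation in {self.name}")   # React: alert
        if self.reaction == "restore":     # React: put the original code back
            self.func.__code__ = self.good_code
            self.func.__defaults__ = self.good_defaults
            self.ns[self.name] = self.func
        elif self.reaction == "exit":      # React: stop the application
            raise SystemExit(f"{self.name} tampered, exiting")
        return False

def demo():
    ns = globals()
    guard = Guard(ns, "transfer")
    clean = guard.check()
    ns["transfer"] = lambda amount, limit=1000: True    # constructed hook
    hooked_result = ns["transfer"](10**6)
    detected = not guard.check()
    restored_result = ns["transfer"](10**6)
    return clean, hooked_result, detected, restored_result, len(guard.alerts)

if __name__ == "__main__":
    print(demo())
```

The guard and its baseline live in the same process as the code they protect, so on their own they raise the cost of tampering rather than rule it out.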