NIST Recognizes RASP as Critical to Lowering Risk

The United States Congress ratified the Cybersecurity Framework set forth by the National Institute of Standards and Technology (NIST) in 2014 to standardize the practices and controls that mitigate constantly evolving cyberthreats. The framework has been adopted by federal and local government entities as well as a growing number of global businesses, including JP Morgan Chase, Microsoft, Boeing, Intel, the Bank of England, Nippon Telegraph and Telephone (NTT) Corporation, and the Ontario Energy Board. According to Gartner’s 2019 Security and Risk Management Survey, 73 percent of organizations worldwide have incorporated some parts of the NIST Cybersecurity Framework into their respective risk programs.

The most recent evolution of the framework (NIST SP 800-53 Revision 5 Draft) includes new standards that apply directly to application security practitioners. Section SI-7(17) (p. 339) outlines Runtime Application Self-Protection (RASP) as a control to mitigate risk arising from software security vulnerabilities, whether introduced by insecure code, by the software supply chain, or by other factors.

The addition of this control by NIST is a recognition that automated application security instrumentation is critical to lowering the risk posed by software vulnerabilities. Combined with continuous integration and delivery capabilities, using RASP enables teams to release applications with stronger security and lower risk without delaying production releases.

At Imperva, we’ve taken a unique approach to RASP that enables our customers to lower risk and realize rapid time to value. Imperva RASP does this by leveraging Language Theoretic Security (LANGSEC) as its mechanism for attack detection. Our RASP solution does not require signatures or a learning phase: it evaluates payloads (SQL queries, operating system commands, etc.) in real time and with the entire application context. The absence of signatures means lower maintenance costs and lower overall TCO.
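To make the LANGSEC idea concrete, here is an added illustration (not Imperva's code, and not a description of how Imperva RASP is implemented internally) of signature-free detection on a SQL payload. The principle is that user input is only ever meant to fill a literal; if the statement the application is about to execute has a different token structure than the query template it was built from, the input has changed the meaning of the query and the call is blocked. The tiny lexer, the `users` query template and the sample inputs are all constructed for this example, and a real RASP would parse the full grammar of each payload language rather than this handful of token classes.

```python
import re

# A tiny SQL lexer, constructed for this illustration. A production RASP parses
# the full grammar of each target language (SQL dialects, shell, LDAP, ...).
TOKEN_SPEC = [
    ("WS", r"\s+"),
    ("COMMENT", r"--[^\n]*|/\*.*?\*/"),
    ("STRING", r"'(?:[^']|'')*'"),        # '' is an escaped quote inside a literal
    ("NUMBER", r"\d+(?:\.\d+)?"),
    ("IDENT", r"[A-Za-z_][A-Za-z0-9_]*"),
    ("OP", r"<>|<=|>=|[=<>*,();]"),
]
TOKEN_RE = re.compile("|".join(f"(?P<{name}>{pat})" for name, pat in TOKEN_SPEC), re.S)
KEYWORDS = {"select", "from", "where", "and", "or", "union", "insert",
            "update", "delete", "drop", "like", "in", "not", "null", "is"}


def lex(sql):
    """Tokenize the statement; anything the lexer cannot classify becomes a BAD token."""
    tokens, pos = [], 0
    while pos < len(sql):
        m = TOKEN_RE.match(sql, pos)
        if m is None:
            tokens.append(("BAD", sql[pos]))
            pos += 1
            continue
        kind, text = m.lastgroup, m.group()
        pos = m.end()
        if kind == "WS":
            continue
        if kind == "IDENT" and text.lower() in KEYWORDS:
            kind = "KW:" + text.lower()
        tokens.append((kind, text))
    return tokens


def skeleton(sql):
    """Token-kind sequence with literal values abstracted away: two statements that
    differ only in the data inside string/number literals get the same skeleton."""
    return [kind for kind, _ in lex(sql)]


def render(template, value):
    """The vulnerable pattern under protection: the app builds SQL by concatenation.
    (Constructed for the example; the fix in the app itself is a bound parameter.)"""
    return template.replace("?", value)


def check_query(template, value):
    """LANGSEC-style check, no signatures involved: the rendered statement is allowed
    only if the input stayed inside the literal it was meant to fill, i.e. the
    statement's skeleton equals the template's skeleton. Returns (allowed, rendered)."""
    rendered = render(template, value)
    return skeleton(rendered) == skeleton(template), rendered


# Constructed query template: the '?' marks where user input is concatenated in.
TEMPLATE = "SELECT id, name FROM users WHERE name = '?' AND active = 1"

if __name__ == "__main__":
    # Constructed sample inputs: benign names (including an escaped apostrophe that a
    # naive quote-matching signature would flag) and two classic structure-changing ones.
    for value in ["alice", "O''Brien", "x' OR '1'='1", "x'--"]:
        allowed, rendered = check_query(TEMPLATE, value)
        print("ALLOW" if allowed else "BLOCK", "|", rendered)
```

Note what the check does not need: no list of bad strings, no learning period, and no knowledge of the specific bug in the calling code. It only needs the template the application intended to run and the statement it is about to run, which is exactly the "entire application context" a RASP agent has and a network-perimeter device does not.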

Just one example of the immediate benefits of RASP was observed when Shutterfly, a leading digital retailer and manufacturer, began deploying Imperva RASP as an artifact in each application release. Shutterfly’s application development team instantly slashed its backlog of vulnerabilities and reduced the criticality of all its vulnerabilities by at least one level.

Another differentiator about our RASP technology is that it is completely autonomous, which means that it doesn’t make network calls to a “central brain” in the cloud. The Imperva RASP solution can be configured in an intuitive cloud console and can be deployed into existing build pipelines without any infrastructure and application changes. Simply embed RASP into existing or new applications and view prevented attacks – as well as other ROI indicators – in your SIEM or in Attack Analytics.

[Figure: RASP for NIST flow chart]

Figure 1: RASP sits within applications to examine threats in real time with full application context, passing legitimate site traffic through while blocking threats.

RASP has enabled our customers to:

  • Automatically detect and block the exploitation of software vulnerabilities with high accuracy and low performance overhead, without signatures, learning modes, or code changes
  • Release high-risk applications faster, including those with known critical vulnerabilities, with the assurance that RASP mitigates against their exploitation
  • Uncover and block application tampering (including the ability to see lateral or “east-west” traffic that perimeter-based solutions cannot see)
  • Deploy security designed for DevOps that scales with applications wherever and however they are deployed: on-premises, in the cloud, in virtual environments, or in containers

Overall, RASP makes applications more resilient to attacks targeting code exploits, keeping your apps running, while protecting the underlying data and ultimately the privacy of individuals.

At Imperva, we believe our analyst-leading RASP solution will help you buy down your application security risk quickly.

To learn more about RASP, call +1 (866)-926-4678 or request a demo today.