Protect applications from within
Application risk reduction
RASP protects your application from vulnerabilities so your teams can focus on business logic than drown in security technical debt while not leaving your application exposed to potential exploitation
Security as business transforms
With fading controls and ephemeral workloads, cloud native applications need more than just perimeter security. RASP provides security from within and goes wherever your application goes
RASP Attack Detection
Built into the application runtime environment, RASP is capable of detecting and preventing attacks real-time
What does RASP protect against?
Attacks
- Clickjacking
- HTTP Response Splitting
- HTTP Method Tampering
- Large Requests
- Malfromed Content Types
- Path Traversal
- Unvalidated Redirects
Injections
- Command Injection
- Cross-Site Scripting
- Cross-Site Request Forgery
- CSS & HTML Injection
- Database Access Violation
- JSON & XML Injection
- OGNL Injection
- SQL Injection
Weaknesses
- Insecure Cookies & Transport
- Logging Sensitive Information
- Unauthorized Network Activity
- Uncaught Exceptions
- Vulnerable Dependencies
- Weak Authentication
- Weak Browser Caching
- Weak Crpytography
WAF + RASP = Defense in Depth
WAF
For known exploit payloads
- Attacks DDoS, malicious bots,
script kiddies - Threats External/untrusted
RASP
For unknown payloads
- Attacks obfuscated, context-dependent, Zero-day
- Threats External/untrusted,
Trusted insider, partners
Zero-day protection
Using patented grammar-based techniques, RASP allows applications to defend themselves without signatures or patches- providing security by default and sparing you the operational costs of off-cycle 0-day patching.
Learn more about Zero-day exploits
Cloud native application protection
With fading controls and ephemeral workloads, cloud native applications need more than just perimeter security. RASP provides security from within and goes wherever your application goes
Learn more about this topic
Insider threat protection
Attached to the runtime, RASP sees east-west traffic within applications even from careless and malicious insiders
Learn more about this topicAttack Visibility
- Pre-correlated Intelligence Everything in one place.
- Attack Classification Category, Event, Severity
- Network HTTP Request, HTTP Response, IP Addresses, Hosts Info
- Application User session, code execution, Filename, Line Number
- Operating System File reads/writes, Process Execution
- Database Query Execution, Modified Rows via Exeuction
Runtimes
Databases
Insights & SIEMs
AARP
AARP approached Prevoty (now part of Imperva) for a RASP solution to protect the organization’s Amazon Web Services (AWS) hosted applications from attacks in its production environments
“AARP is always looking beyond conventional information security controls and the rapid implementation of RASP enabled us to instill confidence that we are exceptional stewards in protecting member data.”
Saffet Ozdemir VP of Information Security
RASP goes everywhere and works anywhere
-
![browser]()
Active Applications
-
![time 1]()
Legacy Applications
-
![ldap authentication]()
3rd Party Applications
-
![apps microservices 3]()
APIs & Microservices
-
![multi cloud 1]()
Cloud Applications
-
![web proxy]()
Container & VMs
Additional Resources
Watch Videos
How Imperva RASP works?
Short explainer video on RASP
Imperva WAF & RASP
Discover in this video how you can succeed in fine-tuning your Imperva WAF when coupled with Imperva’s RASP.
