Runtime application self-protection (RASP) is a promising solution for strengthening the security posture of an application while supporting faster development, but RASP can introduce serious unintended risks, particularly if developers are not producing quality code from the start.

RASP is a technology approach being evangelized by Joseph Feiman, a research vice president and fellow at Gartner. Last fall, in a report entitled “Stop Protecting Your Apps: It’s Time for Apps to Protect Themselves,” Feiman noted that application self-protection must be a CISO’s top priority because “modern security fails to test and protect all apps. Therefore, apps must be capable of security self-testing, self-diagnostics and self-protection.”

To read this article in full or to leave a comment, please click here