Skip to content

TechTarget: "Getting runtime application self-protection launched"


In this piece, Ed Tittle of TechTarget, dives into how, while runtime application self-protection is a mouthful, it’s also a technology that’s absurdly easy to use. He then discusses how selecting the right implementation, at the right price, is key to obtaining the best possible return on an organization’s investment. In the article, Contrast Security is mentioned alongside Veracode and WhiteHat security discussing the different pricing models of RASP.

cs-logo.pngEd later references Jeff Williams, C0-Founder and CTO of Contrast Security, in the piece discussing how there is only negligible impact on round-trip times for request packets (and replies) with the addition of RASP. Ed concludes the article discussing how runtime application self-protection is well worth investigating for organizations that need to protect applications from attack.

Click here to read the full article on TechTarget >>

"Adding instrumentation to code at runtime means adding overhead. But, as is common in instrumentation for performance monitoring and code optimization, RASP developers are keenly aware that they should impose minimal overhead on applications to which they’re added. Jeff Williams, CTO and co-founder of Contrast Security, said their own measurements on real-world benchmarks revealed only negligible impact on round-trip times for request packets (and replies). Likewise, he said that increases in transaction processing times were on the order of 0.5-1.0 milliseconds. I heard the same kind of story from all the vendors I talked to. It sounds like prospective buyers need not be overly concerned about any impact on performance from adding RASP to their application mixes." 

Mark Hodgson, Vice President of Marketing

Mark Hodgson, Vice President of Marketing

Mark's extensive experience spans over 28 years in marketing high-tech products and services to consumers and corporations. Specific area of expertise is application security and mobile application security.