AppSec Observer: RASP

The latest trends and tips in DevSecOps through instrumentation and security observability. Learn about real-world insight and “in-the-trenches” experiences on topics ranging from application and information security to DevOps and risk management.

Apache Struts CVE-2019-0230 and How to Block Attacks | Contrast Labs

Note: Special thanks to Alvaro Muñoz (https://twitter.com/pwntester) for correcting us on some very important technical..

Emerging from the Tool Swamp to a Unified AppSec Platform

Traditional approaches to application security (AppSec) rely on a patchwork of disconnected tools and processes that..

State-of-the-Art AppSec Goes Beyond Perimeter Into Application Runtimes

When it comes to protecting running applications, traditional defenses that sit on the perimeter lack effective..

What You Need to Know About the New IAST and RASP Guidelines in NIST 800-53

RASP vs WAF: Why You Need Both a WAF and RASP to Protect Your Web Applications

One thing that you learn in the technology space is that change is constant. Companies, solutions, and people who sit..

Why Blue Teams Need RASP: Continuous Application Threat Monitoring with Runtime Exploit Prevention

Runtime Application Self-Protection (RASP) adds threat visibility and security control to application runtimes so you..

Pulling Back the Curtain On: Zip File Overwrites

Zip file overwrites are a cool but rare vulnerability that can occur on apps that work with user-supplied zip files...

Pulling Back the Curtain on RASP

If you set out to build a new WAF today (which, believe it or not, people are still doing), everyone would have some..

Contrast Protect + WAF: A Day in the Life of a User

A Web Application Firewall can watch network data, but the architecture does not enable it to see how that data is..