Why NIST recognizes RASP to reduce software development risks - Seguridad Mania.com - España y América Latina

The NIST Cybersecurity Framework standardizes the practices and controls that mitigate constantly evolving cyberthreats and adopted by both government entities as well as global businesses is increasingly becoming the basis of other key industry security standards. The most recent evolution of the framework highlights the Software Development Lifecycle and identifies the need to implement automated security instrumentation as a critical approach to detect and block the impact of software vulnerabilities and increase the speed of release cycles. NIST 800-53 now specifically calls out Runtime Application Self-Protection (RASP) as a control to mitigate risk due to software security vulnerabilities, such as insecure code, software supply chain vulnerabilities, and other factors. The addition of this control by NIST is a recognition that automated application security instrumentation is critical to lowering the risk posed by such software vulnerabilities. Imperva RASP detects and blocks attacks from inside the application. Using patented LangSec techniques which treat data as code, RASP has full context of potentially malicious payloads before the application completes its processes. The result? Fast and accurate protection with NO signatures and NO learning mode. Join Dr. Edward Amoroso, CEO at Tag Cyber and Kunal Anand, CTO at Imperva to find out how NIST is evolving to cover the SDLC and what that means for cybersecurity. Learn also how our analyst leading RASP solution enables DevOps teams to release applications efficiently, with stronger security and lower risk.