January 16, 2019 at 5:13 am #27558
- Topic 842
- Replies 0
- posts 842
Introducing RASP to Cyberharden Code
Today there’s an accelerating category of cyber protection called RASP (Runtime Application Self Protection). The idea with RASP is to protect and harden the actual code running on an endpoint. We know an attacker has a plethora of exploit methods at their disposal. With RASP based solutions, attempts to exploit many common vulnerabilities – like memory corruption errors, and file-less attacks – are rendered useless. The techniques used by hackers on RASP protected endpoints simply won’t work. The device code itself has innate protections that deny the attacker the ability to make use of their malicious code.
RunSafe Security is a pioneer in the RASP category. Born out of a collaboration with DARPA (the Defense Advanced Research Projects Agency in the Department of Defense), the project operated under the assumption that the supply chain was compromised. Hardware and software were sourced from all over the world and DARPA had no ability to determine with 100% confidence that all third-party components were safe. They asked RunSafe, “how do we secure code in our supply chain? And by the way, we can’t provide source code.” RunSafe took on the challenge and developed a tool allowing DARPA to harden a software binary, without having access to source code and protect it against an entire class of cyberattacks.
This grew into RunSafe’s Alkemist, a modern transformation engine that puts the power of cyberhardening techniques into customers’ hands. It’s easily integrated via REST API’s into any development lifecycle through a cloud or on-prem instance. It doesn’t require any additional software agents, has minimal to no impact on code performance and adds zero security alert monitoring overhead. We now live in a world in which a scalable endpoint cybersecurity solution that actually prevents attacks, not just detects them, exists.
You must be logged in to reply to this topic.