Detect and block attacks  against applications  in a runtime  environment 

Fast, flexible and real-time application security without false positives

  • Track all external request parameter data and DB query result data
  • Track the processing of collected external data within WAS
  • Record issues and block requests if threats or vulnerabilities are detected while tracing

Self-Protection Policy Management

  • Enable or disable active web application self-protection
  • Ability to apply or change self-protection rules during web application operation
  • Ability to apply custom protection rules in real time
  • Set log policies and vulnerability detection policies
  • Setting for redirect page when vulnerability is blocked

Security Vulnerability Management

  • Detected attacks to the web application's protected WAS operation, the information will be recorded and treated as an issue
  • Ability to centrally manage issue information of the entire WAS
  • Vulnerability detection history management

Major Vulnerabilities

  • OS Command Injection
  • SQL Injection
  • XPath Injection
  • Unvalidated File Upload
  • Database Backdoor
  • Consistent XSS
  • Inconsistent XSS
  • Dom based XSS
  • Unvalidated redirections
  • Location based Access Control System Roundabouts

Key Feature

  • Project Group Management

    • Ability to set checker group and project for the protected WAS
  • Ability to provide quick and flexible protection

    • Vulnerability handling at the operational stage can mitigate their impacts
    • Provide self-protection even during patching or releasing
    • Dynamic adjustment of self-protection function
  • Minimum performance load which is hardly recognizable

    • Overcome the limitations of RASP technology by interacting with InteractiveHUB and other security testing tools

Supported Environment

• Java

• WAS

- Tomcat, Jetty, JBoss AS, Wildfly, WebLogic, WebSphere Liberty Profile, JEUS and more

• Web Framework

- Spring Framework

• JDBC Driver

- Oracle, MySQL, SQLServer, Postgre SQL, Maria DB, HyperSQL and more

• DB Framework

- MyBatis (iBatis), Hibernate

• .NET

- CLR 4.0

System Requirement

RASP Console

• OS:

- Windows 2000 Server or later, Ubuntu Linux 8.04 or later, Redhat Linux 5 or later, Fedora 8 or later, CentOS 5 or later, JRE 1.7 or later

RASP Agent

- JRE 1.8 or later

RASP Core

- Java / JRE 1.6 or later, .NET Framework 4.0

close
Products Security Quality