2/6/2015 7:00:50 AM
Checkmarx Releases New CxRASP Platform Offering Runtime Application Self Protection
App Developer Magazine

Checkmarx Releases New CxRASP Platform Offering Runtime Application Self Protection

Stuart Parkerson Stuart Parkerson in Enterprise Friday, February 6, 2015

Checkmarx has announced the launch of its Runtime Application Self-Protection (RASP) solution, CxRASP, which utilizes two-point instrumentation technology to continuously observe an app’s bidirectional data flow, enabling the detection and defense against real-time attacks.

CxRASP is the latest addition to the Checkmarx Application Security Hub which provides solutions for application security throughout the software development lifecycle as well as while in production.

As the company, “Existing Web Application Firewalls (WAFs) act as external devices monitoring the input without a clear understanding of the logic behind the app’s data flows and behavior. Implementing a solution that fails to properly distinguish between legitimate input and attacks on apps such as SQL Injection and Cross-Site Scripting can lead to false-positive diagnoses that hinders the overall effectiveness of the solution and could harm the organization’s business activity. As a result, analysts estimate that 90% of all WAFs operate in alert mode and are not actually used for blocking attacks.”

The Checkmarx technology “listens” at each interaction junction of the app, covering access points between the application and the user, the database, the network, and the file system, respectively. With visibility into the app’s input and output, CxRASP tailors the protection mechanism to the specific flow within the application to achieve detection accuracy in real-time. The product flags suspicious activity when it enters the app, and then verifies if it is actually malicious at the output to minimize false positives and false negatives. When an attack is identified, the organization is alerted and instructions are sent on how to fix the vulnerability. 

CxRASP is available as a stand-alone platform. Alternatively, the product can be integrated with Checkmarx’s Static Application Security Testing (SAST) CxSuite Solution as well as other SAST vendors, offering application protection both during and following the development process. Because it does not rely on network traffic, CxRASP eliminates SSL issues, new protocol parsing, strong decoding, and signature-based threats and obliterates complex regexes.

More information is available on the Checkmarx website.

Read more: https://www.checkmarx.com/


Your name and email will not be public or shared in any way.

Blockchain Basics: A Non-Technical Introduction in 25 Steps

Learn the basics of blockchain technology. No mathematical formulas, program code, or computer science jargon are used. No previous knowledge in computer science, mathematics, programming, or cryptography is required. Terminology is explained through pictures, analogies, and metaphors.

A new way to manage your development projects

Learn the best ways to organize your app development projects, and keep code straight, clients happy, and breathe a easier through launches.

The Latest Nerd Ranch Guide (3rd Edition) to Android Programming

Write and run code every step of the way, using Android Studio to create apps that integrate with other apps, download and display pictures from the web, play sounds, and more. Each chapter and app has been designed and tested to provide the knowledge and experience you need to get started in Android development.

Starting your own app business?

How to create a profitable, sustainable business developing and marketing mobile apps.

Featured Stories


Stay Updated

Sign up for our newsletter for the headlines delivered to you

SuccessFull SignUp

App Developer Magazine January-2019 for Apple and Android mobile app developers