2/6/2015 7:00:50 AM
Checkmarx Releases New CxRASP Platform Offering Runtime Application Self Protection
App Developer Magazine

Checkmarx Releases New CxRASP Platform Offering Runtime Application Self Protection

Stuart Parkerson Stuart Parkerson in Enterprise Friday, February 6, 2015

Checkmarx has announced the launch of its Runtime Application Self-Protection (RASP) solution, CxRASP, which utilizes two-point instrumentation technology to continuously observe an app’s bidirectional data flow, enabling the detection and defense against real-time attacks.

CxRASP is the latest addition to the Checkmarx Application Security Hub which provides solutions for application security throughout the software development lifecycle as well as while in production.

As the company, “Existing Web Application Firewalls (WAFs) act as external devices monitoring the input without a clear understanding of the logic behind the app’s data flows and behavior. Implementing a solution that fails to properly distinguish between legitimate input and attacks on apps such as SQL Injection and Cross-Site Scripting can lead to false-positive diagnoses that hinders the overall effectiveness of the solution and could harm the organization’s business activity. As a result, analysts estimate that 90% of all WAFs operate in alert mode and are not actually used for blocking attacks.”

The Checkmarx technology “listens” at each interaction junction of the app, covering access points between the application and the user, the database, the network, and the file system, respectively. With visibility into the app’s input and output, CxRASP tailors the protection mechanism to the specific flow within the application to achieve detection accuracy in real-time. The product flags suspicious activity when it enters the app, and then verifies if it is actually malicious at the output to minimize false positives and false negatives. When an attack is identified, the organization is alerted and instructions are sent on how to fix the vulnerability. 

CxRASP is available as a stand-alone platform. Alternatively, the product can be integrated with Checkmarx’s Static Application Security Testing (SAST) CxSuite Solution as well as other SAST vendors, offering application protection both during and following the development process. Because it does not rely on network traffic, CxRASP eliminates SSL issues, new protocol parsing, strong decoding, and signature-based threats and obliterates complex regexes.

More information is available on the Checkmarx website.

Read more: https://www.checkmarx.com/

Get your Pi Day 2019 Shirt

Love Is Like Pi Never Ending T-Shirt Math Pi day Gift Shirt. Perfect Shirt to celebrate Pi Day 2019. Great gift whether you just love Math or you are a Math Student, Teacher or similar.

475 Tax Deductions for Businesses and Self-Employed Individuals

Are you paying more taxes than you have to as a developer or freelancer? The IRS is certainly not going to tell you about a deduction you failed to take, and your accountant is not likely to take the time to ask you about every deduction you’re entitled to. As former IRS Commissioner Mark Everson admitted, “If you don’t claim it, you don’t get it.

A hands-on guide to mastering mobile forensics for iOS and Android

Get hands-on experience in performing simple to complex mobile forensics techniques Retrieve and analyze data stored not only on mobile devices but also through the cloud and other connected mediums A practical guide to leveraging the power of mobile forensics on popular mobile platforms with lots of tips, tricks, and caveats.

Gps tracker for kids

The Chirp GPS app is a top-ranked location sharing app available for Apple and Android that is super easy to use, and most of all, it's reliable.

The Latest Nerd Ranch Guide (3rd Edition) to Android Programming

Write and run code every step of the way, using Android Studio to create apps that integrate with other apps, download and display pictures from the web, play sounds, and more. Each chapter and app has been designed and tested to provide the knowledge and experience you need to get started in Android development.