Checkmarx has announced the launch of its Runtime Application Self-Protection (RASP) solution, CxRASP, which utilizes two-point instrumentation technology to continuously observe an app’s bidirectional data flow, enabling the detection and defense against real-time attacks.
CxRASP is the latest addition to the Checkmarx Application Security Hub which provides solutions for application security throughout the software development lifecycle as well as while in production.
As the company, “Existing Web Application Firewalls (WAFs) act as external devices monitoring the input without a clear understanding of the logic behind the app’s data flows and behavior. Implementing a solution that fails to properly distinguish between legitimate input and attacks on apps such as SQL Injection and Cross-Site Scripting can lead to false-positive diagnoses that hinders the overall effectiveness of the solution and could harm the organization’s business activity. As a result, analysts estimate that 90% of all WAFs operate in alert mode and are not actually used for blocking attacks.”
The Checkmarx technology “listens” at each interaction junction of the app, covering access points between the application and the user, the database, the network, and the file system, respectively. With visibility into the app’s input and output, CxRASP tailors the protection mechanism to the specific flow within the application to achieve detection accuracy in real-time. The product flags suspicious activity when it enters the app, and then verifies if it is actually malicious at the output to minimize false positives and false negatives. When an attack is identified, the organization is alerted and instructions are sent on how to fix the vulnerability.
CxRASP is available as a stand-alone platform. Alternatively, the product can be integrated with Checkmarx’s Static Application Security Testing (SAST) CxSuite Solution as well as other SAST vendors, offering application protection both during and following the development process. Because it does not rely on network traffic, CxRASP eliminates SSL issues, new protocol parsing, strong decoding, and signature-based threats and obliterates complex regexes.
Read more: https://www.checkmarx.com/
More information is available on the Checkmarx website
Learn the basics of blockchain technology. No mathematical formulas, program code, or computer science jargon are used. No previous knowledge in computer science, mathematics, programming, or cryptography is required. Terminology is explained through pictures, analogies, and metaphors.
Learn the best ways to organize your app development projects, and keep code straight, clients happy, and breathe a easier through launches.
Write and run code every step of the way, using Android Studio to create apps that integrate with other apps, download and display pictures from the web, play sounds, and more. Each chapter and app has been designed and tested to provide the knowledge and experience you need to get started in Android development.
How to create a profitable, sustainable business developing and marketing mobile apps.