Report

SANS Report: Application Security Methodologies Compared

WAF vs RASP for application security

The differences between RASP and WAF are almost certainly clear to any software security specialist. Both are defining methodologies for application security, and both anticipate the mind of the cyber criminal.

But are the differences clear to you? Web application firewall (WAF) technology detects known patterns of malware intrusion as attacks attempt a firewall breach. Runtime application self-protection (RASP) technology detects behavioral change in the program execution.

A new methodology review makes it clear why the difference between these two approaches matters. This 2015 review by the SANS Institute compares the WAF technique (putting up a wall in front of the application) to RASP, which protects the application from the inside out.

Highlights include:

  • Contrasting capabilities and use cases
  • How threats and vulnerabilities are detected
  • Privacy violations through unintended data disclosures
  • Recognizing context-sensitive detection, and finding unanticipated locations where such data is stored

Learn how WAF techniques stack up against RASP.

Download this free review, and see which approach catches the most events, reduces false positives, and improves visibility into vulnerabilities, including weaknesses you don’t know about.


A SANS Product Review, written by Jacob Williams, April 2015. Sponsored by HPE.

