CISO MAG - Free Issues Endpoint Security Powerlist | Page 14

KNOWLEDGE HUB, Volume 3, Issue 10

purpose of runtime application self-protection (RASP) is to run alongside or, better yet, inside the execution of application code.

By offering this ‘in-app’ protection, RASP is capable of defending against threats to the entire application stack: business logic, open-source libraries, third-party frameworks, and even the runtime platform itself. In addition to the added layer of defense for production applications, the close proximity of RASP solutions can also allow users to deploy virtual patches and remediate vulnerabilities that may have been inadvertently introduced during development.

Traditional application security, like the web application firewall, detects attacks by detecting exploits, but accurately blocking them is where it gets tricky, since network firewalls can only operate upon network packets with signature analysis and pattern matching for known payloads. This leaves application code—the root cause of where the vulnerabilities live—untouched and unaddressed.

When only operating at the network layer, IT teams have to deal with the trade-off between the risk of blocking legitimate traffic or having to manage a flood of erroneous alerts, without actually solving the root cause of their security concerns.

While there may not be a Level 8 in the OSI model yet, security engineers can and should move proactively to protect their enterprise applications by moving protection inside the application code—after all, application code is the last and ultimate line of defense between a cybersecurity threat and a successful exploit. Fix the code and you fix the vulnerability!

John Adams is chief executive officer of Waratek. As CEO, John has complete responsibility for developing markets and operating all aspects of the organization’s global business. John has a rich history in security and medical technology with his experience spanning more than two decades.
Prior to Waratek, John served as President & COO of SecurAmerica and Chairman & CEO of American Security Programs, leading the company’s expansion into nearly three-dozen new geographic markets and growing the company from 5 employees to over 5,000. In his career, John has also served as SVP N. America for London-based G4S (formerly Securicor) and held senior executive positions at US Surgical Corporation and Medline Industries. John holds an MBA in Healthcare Administration from Webster University and a BS in Business Administration/Accounting from Florida Southern College.

The opinions expressed within this article are the personal opinions of the author. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.

CISO MAG | November 2019
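The trade-off the article describes between network-layer pattern matching and a decision made inside the application, shown as an added example that is not from the article or from any RASP product. The signature list, the `QUERY` template, the sample values and all function names are constructed for illustration, and comparing statement structure is an assumed, simplified way to make the in-app decision.

```python
import re

# Constructed signature set of the kind a network-layer filter matches on.
SIGNATURES = [re.compile(p, re.I) for p in (r"'\s*or\s", r"union\s+select", r"--")]

# Hypothetical legacy query that concatenates user input (the code-level flaw).
QUERY = "SELECT id FROM notes WHERE author = '{}'"

# Minimal SQL tokenizer: quoted string, word/number, or a single symbol.
TOKEN = re.compile(r"'(?:[^']|'')*'|\w+|[^\s\w]")


def network_layer_verdict(raw_value: str) -> str:
    """Pattern-match the raw request value with no knowledge of how it is used."""
    return "block" if any(s.search(raw_value) for s in SIGNATURES) else "allow"


def shape(sql: str) -> list:
    """Reduce a statement to its structure by replacing every literal with '?'."""
    return ["?" if t[0] == "'" or t.isdigit() else t.upper()
            for t in TOKEN.findall(sql)]


def in_app_verdict(value: str, template: str = QUERY) -> str:
    """Decide at the point of use: did the value change the statement's structure?"""
    intended = shape(template.format("x"))
    return "allow" if shape(template.format(value)) == intended else "block"


def compare(values):
    """Return (value, network verdict, in-app verdict) for each sample value."""
    return [(v, network_layer_verdict(v), in_app_verdict(v)) for v in values]


# Constructed sample inputs: two legitimate values and one textbook injection.
SAMPLES = ["alice", "Rock -- paper -- scissors", "' OR '1'='1"]

if __name__ == "__main__":
    for value, net, app in compare(SAMPLES):
        print(f"{value!r:30} network={net:5} in-app={app}")
```

The second sample is legitimate text that the signature filter blocks, while the in-app check allows it because the value stays inside one string literal; the durable fix for the hypothetical query is still to bind the value as a parameter in the code.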