The document discusses Runtime Application Self-Protection (RASP) technology, which integrates security controls directly into applications to detect and prevent real-time attacks. It highlights the challenges of implementing RASP, including issues of rejection, usability, accuracy, performance, and reliability, while emphasizing that RASP is not a panacea for security vulnerabilities. The presentation concludes by encouraging organizations to assess their specific needs and challenges when considering RASP solutions.

1. SESSION ID:SESSION ID:
#RSAC
Jacob West
Lessons from a Recovering Runtime
Application Self-Protection Addict
ASD-F02
NSGBU, Oracle
@sfjacob

2. Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
2

3. Problem
RASP
Challenges
End

4. Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
4
Unix 1.0
Mobile App
Space Shuttle
F-22 Raptor
Windows 3.1
XBOX DVD Player
Windows NT 4.0
Android
Boeing 787
F-35 JSF
Office 2013
Automobile
Healthcare.gov
Google
10,000
40,000
400,000
1,700,000
2,500,000
4,700,000
11,500,000
12,000,000
14,000,000
24,000,000
45,000,000
100,000,000
500,000,000
2,000,000,000

6. Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
6
$80B

7. Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
7
1M+ Security
Roles Vacant

8. $6T
$2.85T
$3T
2016
$4.73T
2021

9. Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
9
The Problem

10. Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
10
RASP: RUNTIME APPLICATION SELF-PROTECTION
Runtime Application Self-Protection (RASP)
is a security technology that is built or linked
into an application or application runtime
environment, and is capable of controlling
application execution and detecting and
preventing real-time attacks.

11. Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
11
Return of the Inline Reference Monitor
Inline Reference Monitor
o Watch boundaries
o Report events
o Enforce policy

12. Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
12
automated
Scale without human expertise
lightweight
Never interfere with the business
dynamic
Interrupt harmful activity
#RSAC2016

13. Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
13
1. Rejection
2. Usability / Use
3. Accuracy
4. Performance
5. Reliability

14. Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
14
CHALLENGE 1
Rejection

15. Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
15
CHALLENGE 2
Us(e|ability)

16. Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
16
CHALLENGE 3
Accuracy

17. Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
17
CHALLENGE 4
Performance

18. Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
18
Performance
18
CHALLENGE 5
Reliability

19. Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
RASP Promises vs. Reality
Promise Reality
Lightweight and easy to deploy
Combines application and operation
Band-Aid for security vulnerabilities
Enforce policy dynamically
Painful for Dev, Security, and Ops
Bridging domains is bigger than a tool
Requires cycles from multiple teams
Introduces failure points

20. Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
End
20
o Still need to fix broken software
o RASP solves specific problems, it’s not a silver bullet
o Must control accuracy, performance, and reliability

21. Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
21
Apply
21
Is RASP Right for Me?
What specific problems would
you use RASP to solve?
Are you prepared for the
challenges discussed today?
Would a commercial or in-house
solution best fit your needs?
Apply

22. FIN
JWEST@NETSUITE.COM
@SFJACOB