Runtime application self-protection

[1][2] The technology differs from perimeter-based protections such as firewalls, that can only detect and block attacks by using network information without contextual awareness.

[3][4] RASP technology is said to improve the security of software by monitoring its inputs, and blocking those that could allow attacks, while protecting the runtime environment from unwanted changes and tampering.

[6][7] RASP aims to close the gap left by application security testing and network perimeter controls, neither of which have enough insight into real-time data and event flows to either prevent vulnerabilities slipping through the review process or block new threats that were unforeseen during development.

[8] RASP can be integrated as a framework or module that runs in conjunction with a program's codes, libraries and system calls.

[4] RASP is similar to interactive application security testing (IAST), the key difference is that IAST is focused on identifying vulnerabilities within the applications and RASPs are focused protecting against cybersecurity attacks that may take advantages of those vulnerabilities or other attack vectors.