Runtime Application Self-Protection (RASP) is a security technology that uses runtime instrumentation to detect and block attacks by taking advantage of information from inside the running software. RASP differs from perimeter-based protections such as WAF, in that it is inside the application, not sitting in front of it. RASP technology improves the security of software by monitoring inputs, blocking those that could allow attacks, and protecting the runtime environment from unwanted changes and tampering.
When a threat is detected, RASP can prevent exploitation and possibly take other actions, including terminating a user's session, shutting the application down, or alerting security personnel.
GitLab views RASP as complementary to the other Defend categories we offer, designed to be used together as part of a "better together," defense-in-depth approach to defending applications.
GitLab's goal is to be able to automatically add RASP to every application we host and deploy, while simultaneously being able to identify and block attacks with a minimal performance overhead.
Following our Security Paradigm and our stage vision, our goal is also to be able to provide actionable next steps to tracking incidents, and fixing any underlying vulnerabilities that are being attacked.
Additionally, our goals include being able to offer security responses, that can respond to attacks in different ways, such as terminating user session or forcing step-up authentication, based on your risk posture and business requirements.
Our next step is to complete our MVC for RASP. This will be our first RASP offering and will be targeted to detect at least one class of attack and prevent it for a specific use case.
There is no feature available for this category.
The category is very new, so we still need to engage customers and get feedback about their interests and priorities in this area.