Runtime application self-protection (RASP)

Moldes Cruz, Roi

Please use this identifier to cite or link to this item: http://hdl.handle.net/10609/117866

Title:	Runtime application self-protection (RASP)
Author:	Moldes Cruz, Roi
Director:	Rifà-Pous, Helena
Tutor:	Canto Rodrigo, Pau del
Abstract:	In recent years, the number of organizations affected by security breaches and information leaks has grown considerably. Confidential information of entities or customer information are some of the main targets of attackers, causing significant reputational and economic damage, which depending on the size of the affected company can result in major sanctions and even bankruptcy of the company. In many of the above mentioned cases the main cause is the existence of vulnerabilities in corporate software. Currently, the number of services developed by large corporations is growing exponentially. So does the adoption of security measures, although unfortunately not at the same pace, the incorporation of minimum security requirements that software must meet in order to comply with software delivery pipelines. In this paper, the context of Application Security Testing is analyzed, as well as the different products and technologies most used today. The focus is on RASP solutions, an unknown and emerging technology in the market, performing an analysis of operation and main components. Additionally, a local environment is implemented to perform a proof of concept at a technical and functional level of two RASP products, from which the results and conclusions obtained are analyzed and documented.
Keywords:	application security testing real time protection DevSecOps
Document type:	info:eu-repo/semantics/masterThesis
Issue Date:	Jun-2020
Publication license:	http://creativecommons.org/licenses/by-nc-nd/3.0/es/
Appears in Collections:	Trabajos finales de carrera, trabajos de investigación, etc.