When talking about app security, the use of RAST tool,  substitute any other security control, is a valuable add-on, or it is not valuable at all?

InfrastructureApplications & Platforms
160 viewscircle icon23 Upvotescircle icon4 Comments
Sort by:
IT Governance Consultant in Government2 years ago

To clarify, it seems you are referring to RASP (Runtime Application Self-Protection) tools. RASP tools should be viewed as complementary to other security controls rather than replacements. Typically, they are integrated into the application during the development or deployment phases. The decision to use a RASP tool should be based on a thorough assessment of the application's specific requirements and risk profile.

Lightbulb on1 circle icon1 Reply
no title2 years ago

thanks for the answer.

Enterprise Security & Risk Management Architect in Insurance (except health)2 years ago

By RAST are you referring to Regression or Risk? There are a couple of RASTs in this space.

Lightbulb on1 circle icon1 Reply
no title2 years ago

I was referring to RASP. 

Content you might like

In 2021, did your company's Information Security budget:

Increase86%

Decrease13%

What is the most annoying thing about passwords?

Reset when forgetting15%

Change upon expiry47%

Maintain & secure password lists25%

Being worried about phishing11%

Other (please comment)

View Results

Does your organization issue trusted certificates for kubelet, etcd, and the API server in Kubernetes clusters?

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Read More Comments

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

Read More Comments