When talking about app security, the use of RAST tool, substitute any other security control, is a valuable add-on, or it is not valuable at all?

152 views23 Upvotes4 Comments

Sort by:

IT Governance Consultant in Government2 years ago

To clarify, it seems you are referring to RASP (Runtime Application Self-Protection) tools. RASP tools should be viewed as complementary to other security controls rather than replacements. Typically, they are integrated into the application during the development or deployment phases. The decision to use a RASP tool should be based on a thorough assessment of the application's specific requirements and risk profile.

1 1 Reply

no title2 years ago

thanks for the answer.

Enterprise Security & Risk Management Architect in Insurance (except health)2 years ago

By RAST are you referring to Regression or Risk? There are a couple of RASTs in this space.

1 1 Reply

no title2 years ago

I was referring to RASP.

Content you might like

To what extent can you say: “I am confident that my team is skilled & trained enough to select, implement and utilize newer, better solutions as the business evolves”?

1 - Not confident at all28%

2 - Somewhat confident49%

3 - Highly confident21%

View Results

Compliance with InfoSec standards (SOC 2, ISO/IEC 27000 family, PCI-DSS & more) is crucial for:

Scaling the business46%

Preserving existing deals32%

Business reputation65%

Business continuity50%

Security46%

View Results

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

What strategies do you use to ensure IAM solutions are sufficiently composable to adapt to changing business needs?

How is your organization evolving its IAM infrastructure? Can you share any examples of high-impact changes that can increase interoperability and/or agility?

When talking about app security, the use of RAST tool, substitute any other security control, is a valuable add-on, or it is not valuable at all?

Sort by:

Content you might like

To what extent can you say: “I am confident that my team is skilled & trained enough to select, implement and utilize newer, better solutions as the business evolves”?

Compliance with InfoSec standards (SOC 2, ISO/IEC 27000 family, PCI-DSS & more) is crucial for:

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

What strategies do you use to ensure IAM solutions are sufficiently composable to adapt to changing business needs?

How is your organization evolving its IAM infrastructure? Can you share any examples of high-impact changes that can increase interoperability and/or agility?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

CrowdStrike Outage: Impact And Recovery

Generative AI and Software Engineering Teams: Adoption and Training

Generative AI and ChatGPT: Adoption and Use

DevSecOps: Strategies, Organizational Benefits and Challenges

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go