When talking about app security, the use of RAST tool,  substitute any other security control, is a valuable add-on, or it is not valuable at all?

Applications & PlatformsInfrastructureSecurity & GRC
81 views23 Upvotes5 Comments
Enterprise Security & Risk Management Architect in Insurance (except health), 10,001+ employees
By RAST are you referring to Regression or Risk? There are a couple of RASTs in this space.
1 1 Reply
IT Analyst in Finance (non-banking), 1,001 - 5,000 employees

I was referring to RASP. 

IT Manager in Manufacturing, 1,001 - 5,000 employees
some valuable add on and some are not 
IT Governance Consultant in Government, 1,001 - 5,000 employees
To clarify, it seems you are referring to RASP (Runtime Application Self-Protection) tools. RASP tools should be viewed as complementary to other security controls rather than replacements. Typically, they are integrated into the application during the development or deployment phases. The decision to use a RASP tool should be based on a thorough assessment of the application's specific requirements and risk profile.
1 1 Reply
IT Analyst in Finance (non-banking), 1,001 - 5,000 employees

thanks for the answer.

Content you might like

How are companies planning to change manage the roll-out of Data Loss Prevention (DLP)? We have programme of work to roll this out and would be interested in getting feedback on how other companies have successfully rolled it out, and any lessons learnt that they are happy to share.

Security & GRC
IT Manager in Transportation, 10,001+ employees
Always remember about Risk Assessment. Conduct a thorough risk assessment to identify potential data loss risks and vulnerabilities. Use this assessment to prioritize DLP efforts.
1
Read More Comments
2k views1 Upvote3 Comments

Where does the concept of Defense in Depth play into your org’s cybersecurity strategy? What are you doing practically to integrate that?

Security & GRCSecurity Strategy & RoadmapRisk Management+1 more
Director of IT in Education, 5,001 - 10,000 employees
This question requires a long explanation, but in a nutshell, implemented in the Risk Management Framework (NIST RMF). It is a layered protection in every step of the RMF.
1
Read More Comments
5k views4 Upvotes15 Comments

Generally speaking, are you feeling optimistic about the state of DEI in cyber? Interested in hearing your reasons in the comments.

Security & GRCTalent Sourcing & HiringCulture & Values

Yes – very optimistic!33%

Yes – mildly optimistic.54%

No8%

I’m not sure6%


198 PARTICIPANTS
1.1k views1 Upvote

Do you or your organization ever use (AIaaS) Artificial Intelligence as a Service?

Applications & PlatformsPeople & LeadershipProcess Management+29 more
IT Analyst in Education, 10,001+ employees
Chatbots only
2
Read More Comments
7.8k views123 Upvotes21 Comments

On average, how many security tools does each of your security engineers oversee?

Security & GRCThreat & Vulnerability ManagementIdentity & Access Management (IAM)+8 more

1-323%

3-541%

5-1021%

More than 1014%


1035 PARTICIPANTS
3.7k views9 Upvotes