When talking about app security, the use of RAST tool,  substitute any other security control, is a valuable add-on, or it is not valuable at all?

InfrastructureApplications & Platforms
153 viewscircle icon23 Upvotescircle icon4 Comments
Sort by:
IT Governance Consultant in Government2 years ago

To clarify, it seems you are referring to RASP (Runtime Application Self-Protection) tools. RASP tools should be viewed as complementary to other security controls rather than replacements. Typically, they are integrated into the application during the development or deployment phases. The decision to use a RASP tool should be based on a thorough assessment of the application's specific requirements and risk profile.

Lightbulb on1 circle icon1 Reply
no title2 years ago

thanks for the answer.

Enterprise Security & Risk Management Architect in Insurance (except health)2 years ago

By RAST are you referring to Regression or Risk? There are a couple of RASTs in this space.

Lightbulb on1 circle icon1 Reply
no title2 years ago

I was referring to RASP. 

Content you might like

What’s your top barrier to adopting AI-driven pentesting?

Lack of mature vendor solutions47%

Trust in AI accuracy60%

Budget constraints27%

Skills to operate the tools53%

View Results

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Read More Comments

To what extent can you say: "My team is skilled & trained enough to use every needed or desired feature of our current IT/Security solutions"?

1- Highly disagree32%

2 - Not sure45%

3 - Highly agree22%

View Results

Which key pentesting capability do current AI-driven vendor solutions most fail to cover?

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

Read More Comments