TMCnet News

Checkmarx Introduces CxRASP to Secure Applications During Run-Time
[January 28, 2015]


Leading software application security firm Checkmarx today announced the launch of its Runtime Application Self-Protection (RASP) solution, CxRASP, that utilizes unique two-point instrumentation technology to continuously observe an app's bidirectional data flow, enabling the detection and defense against real-time attacks. CxRASP is the latest addition to the Checkmarx Application Security Hub which provides a broad range of solutions to ensure application security throughout the software development lifecycle as well as while in production.

Existing Web Application Firewalls (WAFs) act as external devices monitoring the input without a clear understanding of the logic behind the app's data flows and behavior. Implementing a solution that fails to properly distinguish between legitimate input and attacks on apps such as SQL Injection and Cross-Site Scripting can lead to false-positive diagnoses that hinder the overall effectiveness of the solution and endanger the application's security. As a result, analysts estimate that 90% of all WAFs operate in alert mode and are not actually used for blocking attacks.

Checkmarx's technology "listens" at each interaction junction of the app, covering access points between the application and the user, the database, the network, and the file system, respectively. With complete visibility into the app's input and output, CxRASP is the first solution that tailors the protection mechanism to the specific flow within the application to achieve unprecedented detection accuracy in real-time. The product flags suspicious activity when it enters the app, and then verifies if it is actually malicious at the output to minimize false positives and false negatives. When an attack is identified, the organization is alerted and instructions are sent on how to fix the vulnerability.



"The fast increasing number of applications and the resulting vast amounts of insecure code written and released into production means that we need a more intelligent way to ensure software security," said Emmanuel Benzaquen, CEO of Checkmarx. "CxRASP is the ultimate way to protect applications as it lets applications do the work of protecting themselves so that security vulnerabilities are revealed and blocked in real-time."

The product is fully integrated with Checkmarx's Static Application Security Testing (SAST) CxSuite Solution and may be integrated with other SAST vendors, ensuring complete application protection both during and following the development process. Because it does not rely on network traffic, CxRASP eliminates SSL issues, new protocol parsing, strong decoding, and signature-based threats and obliterates complex regexes.


"RASP capability is a necessity for any organization hoping to effectively ward off attacks before they damage assets and cripple its business," noted Maty Siman, CTO & Founder of Checkmarx. "CxRASP is a 'WAF-killer,' making it possible to learn from the internal workings of an app how to better secure it in real time, thereby improving the performance and accuracy of existing solutions and bringing the app security industry to the next level."

About Checkmarx

Checkmarx is a leading developer of software solutions used to identify, fix and block security vulnerabilities in web and mobile applications. It provides an easy and effective way for organizations to introduce security into their Software Development Lifecycle (SDLC) which systematically eliminates software risk before applications are released. The company's customers include 4 of the world's top 10 software vendors and many Fortune 500 and government organizations, including Samsung, Salesforce.com, Coca Cola and the US Army. To learn more, visit: http://www.checkmarx.com

