Imperva Cyber Community

 View Only
Expand all | Collapse all

RASP SelfTune for faster deployments

  • 1.  RASP SelfTune for faster deployments

    Posted 10-21-2020 06:29
    Edited by Chris Detzel 10-26-2020 18:45

    Making RASP Configuration easy

    Security bugs can be challenging to fix even with the time and talent to do it.  Sometimes those bugs are in 3rd party code and deploying a patch can be difficult even if the patch is made available quickly.  Often the "right way" to fix the problem (changing the application's source code) is at odds with time-to-market or budget constraints.

    Imperva RASP is a simple and cost-effective way to mitigate the risks posed by security bugs in web applications, APIs and microservices.  RASP's "set and forget" deployment model makes it an ideal solution for long-term operational cost savings.

    To enable even faster deployments to capitalize on short-term time-to-market gains, Imperva RASP's SelfTune utility was developed.  SelfTune performs two primary tasks:

    1. It reads Veracode security scanner findings to automatically enable RASP controls - including the lesser known, advanced RASP controls.

    2. It reads the RASP event log to automatically adjust the RASP controls to ensure that the controls aren't "too strict" given the specific characteristics of the protected application.

    SelfTune is a stand-alone, command line utility written in Java that can be deployed in virtually any environment.  No specific RASP, security or development skills are required to operate SelfTune.  SelfTune works with RASP version 3.11 and greater, including RASP 4.0.  It can be easily incorporated into various automation frameworks.

    You can find RASP SelfTune on the RASP Customer Success Portal.   Let us know what you think!


    Christopher Prevost
    Head of Solutions Architecture, Runtime Security

  • 2.  RE: RASP SelfTune for faster deployments

    Posted 10-22-2020 20:20
    Edited by Steven Bankowitz 10-27-2020 10:34