Overview
Explore the critical differences and complementary roles of Web Application Firewalls (WAFs) and Runtime Application Self-Protection (RASP) in this 50-minute LASCON conference talk. Delve into the evolving landscape of application security, understanding why relying solely on one solution may leave gaps in your defense strategy. Examine the limitations of traditional signature-based approaches in WAFs and the unique protections offered by RASP. Learn why comparing WAF and RASP is akin to comparing antivirus and EDR solutions, and discover the benefits of implementing both technologies. Gain insights into AppSec history, common downfalls, attack scenarios, and testing methods. Analyze real-world examples, including the Equifax breach, to better grasp the importance of a comprehensive approach to application security.
Syllabus
Intro
Applications are vulnerable
AppSec history
We have a problem
Mod Security
WAF
Tuning
Command Injection
Common Downfalls
bypasses
confluence
Similarities
Instrumentation
Attack Scenario
How WAF works
RASP challenges
What is RASP
Data Visibility
Comparing
Testing Methods
Attack Types
Attack Probability
Equifax
Seatbelt vs Airbag
RASP vs WAF
Would it be true
Taught by
LASCON