Explore the use of Runtime Application Self Protection (RASP) to solve seemingly unfixable vulnerabilities in this 49-minute conference talk from AppSec Ca 2016. Delve into the challenges posed by pervasive vulnerabilities, such as Java's deserialization vulnerabilities, which cannot be easily blocked, fixed, or ignored due to their dangerous nature. Learn about various RASP approaches, including dynamic software instrumentation, and discover a free, open-source RASP agent designed to neutralize deserialization attacks across the entire Java stack. Gain insights into how RASP agents can provide quick and effective defenses across an entire application portfolio, and understand why they should be an integral part of your application security strategy. Presented by Jeff Williams, CTO and co-founder of Contrast Security, this talk draws on his extensive experience in application security and his role as the former Global Chairman of the OWASP Foundation.
Overview
Syllabus
Fixing the Unfixable: Solving Pervasive Vulnerabilities with RASP - Jeff Williams - AppSec Ca 2016
Taught by
OWASP Foundation