Innovation is at the heart of cyber security. The nature of the field means that it is a constant cat and mouse game between hackers trying to bypass defenses and cyber defenders attempting to identify new attack types and take action to block them.
Unfortunately, hackers have the advantage of an asymmetrical playing field. A hacker only has to find and exploit one vulnerability in an organization's defenses in order to successfully breach the network. On the other hand, a defender needs to find and close every potential hole in order to make the network secure against attack.
The disadvantage that cyber defenders work with means that they need the very best defense and monitoring tools available in order to protect their networks. While perimeter-focused defenses are effective for many threats, a focus on defending only the network edge leaves the organization easy prey for attackers that manage to penetrate it.
As a result, more focused defensive solutions have been developed. One of these is runtime application self-protection (RASP), which protects software at the application level instead of the network level. The power and potential of RASP have made it a rapidly growing sector of the cybersecurity market.
What is RASP?
RASP moves the protection boundary from the edge of the network to an application itself. RASP defenses wrap a single application, monitoring the data flowing into and out of the software and the behavior of the software in response to user inputs.
The increased level of visibility that RASP systems have into the software that they protect allows them to provide more specialized protections, even against unknown attack vectors. Since the RASP system is familiar with the normal operation of the software in great detail, it can detect even minor abnormalities or deviations from the norm that may indicate an attack. Based on this insight, it can take action to either stop the attack or generate an alert that an attack is in progress.
RASP always provides application-level protections but can be implemented in a couple of different ways. For new software, a developer can integrate RASP into the code itself, allowing them to have a great deal of control over the level of protection that each piece of functionality enjoys. Alternatively, the RASP system can be implemented after the fact as a wrapper, which decreases the work for the developer and provides consistency of protection across all RASP-protected software on the system. Regardless of the implementation, RASP systems have the visibility and power to protect applications to a far greater degree than traditional perimeter-based protections.
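The wrapper approach described above, as an added sketch that is not taken from any RASP product: a guard placed at the application's SQL sink checks, just before each query runs, whether a request input has spilled outside a single SQL token, and blocks the query if so. All names here (request_inputs, GuardedConnection, find_user, handle_request) are hypothetical, and the sample data is constructed.

```python
import re
import sqlite3
from contextvars import ContextVar

# Untrusted values of the current request; a real agent would fill this from framework hooks (assumed).
request_inputs: ContextVar[tuple] = ContextVar("request_inputs", default=())
# Coarse SQL tokenizer: quoted strings, words/numbers, single punctuation marks.
TOKEN = re.compile(r"'(?:[^']|'')*'|\w+|[^\s\w]")

class BlockedByRasp(Exception):
    """Raised instead of running a query whose structure user input changed."""

def input_escapes_token(sql, value):
    """True if some occurrence of value in sql is not contained in one token."""
    spans = [m.span() for m in TOKEN.finditer(sql)]
    start = sql.find(value)
    while value and start != -1:
        end = start + len(value)
        if not any(s <= start and end <= e for s, e in spans):
            return True
        start = sql.find(value, start + 1)
    return False

class GuardedConnection(sqlite3.Connection):
    """Wrapper at the SQL sink: inspects each query just before it runs."""
    def execute(self, sql, *args):
        for value in request_inputs.get():
            if input_escapes_token(sql, value):
                raise BlockedByRasp(f"input changed query structure: {value!r}")
        return super().execute(sql, *args)

def find_user(conn, name):
    # Stand-in for existing, known-vulnerable application code (left unmodified).
    return conn.execute("SELECT id FROM users WHERE name = '" + name + "'").fetchall()

def handle_request(conn, name):
    token = request_inputs.set((name,))
    try:
        return find_user(conn, name)
    except BlockedByRasp:
        return "blocked"
    finally:
        request_inputs.reset(token)

def demo():
    conn = sqlite3.connect(":memory:", factory=GuardedConnection)
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT)")
    conn.execute("INSERT INTO users VALUES (1, 'alice'), (2, 'bob')")
    return handle_request(conn, "alice"), handle_request(conn, "x' OR '1'='1")
```

The application function is untouched; only the connection factory changes, which is what lets this style of protection be added to existing software.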
The RASP Market
Runtime application self-protection solutions are a powerful tool for defending applications against attack. As a result, it comes as no surprise that the market for RASP defenses is expected to grow rapidly.
A study published in early 2018 pointed to an expected 33.3% compound annual growth rate (CAGR) of the RASP market between 2017 and 2022. This amounts to a growth in market size from $294.7 million in 2017 to $1,240.1 million (a 300% increase) by 2021. Within the greater market for RASP solutions, web applications are expected to be the biggest player. The nature of web applications means that they need to be exposed via the Internet to legitimate users and attackers alike. As a result, they are a common target of attack and require the most protection. RASP can provide tailored protection to each web application, greatly reducing the organizational threat surface.
Why Everyone Wants RASP
The reason that the RASP market is expected to grow so rapidly over these five years is the fact that traditional development practices have demonstrated a disregard for the importance of security. In the Software Development Lifecycle (SDLC), the focus has been on getting a functional product to market as quickly as possible. Security is tacked on to the end of the process as an afterthought if it makes the list at all. As a result, vulnerable software is making its way into distribution, increasing the vulnerability of organizations to cyber attack and data breaches.
Runtime application self-protection limits the potential impact of these poor secure development practices. Since RASP can be effectively implemented as a wrapper around existing software, it dramatically increases the protection that can be provided by security that is tacked on at the end of development. Since developers chronically fail to involve security professionals in the design and development process, this serves to decrease the vulnerability of the company to attack.
The Need for RASP
The scope and number of cyber attacks in recent years have demonstrated that organizations have serious vulnerabilities in their cyber defenses. The rate at which new attack types and malware variants are developed makes it increasingly difficult for cyber defenders to keep up with the need to ensure that systems and perimeter defenses are up to date.
RASP provides a potential solution to the problem, allowing organizations to deploy specialized protections to the applications that need them the most. RASP systems have full visibility into the protected application, allowing them to identify even unknown attacks based on their impact on the protected application.
Since RASP solutions can be applied even as a wrapper around existing applications, they have the potential to protect even known-vulnerable software. This, along with the ability to block even zero-day attacks, is what makes RASP so valuable and is the key to its massive expected market growth.