Which of the following technologies can be used to monitor and dynamically respond to potential threats on web applications?
Which of the following technologies can be used to monitor and dynamically respond to potential threats on web applications?
C https://www.crowdstrike.com/cybersecurity-101/cloud-security/runtime-application-self-protection-rasp/ Application protection: Detecting and blocking security vulnerabilities and malicious activity within the application during runtime Threat intelligence: Providing deep, code-level visibility within the application and producing insights that help the security team understand who is attacking their organization, their methods and motivations
C is correct
Answer C A RASP security tool integrates with an application and analyzes the program's execution to spot unusual or unexpected behavior, and then it takes corrective action. This can include blocking specific requests or functions to shut down an active attack and also implementing preventative measures like virtually patching an application to prevent the same attack vector from being used in the future.
Answer is B Web Application Vulnerability scanner has ability to do Static and dynamic scans respond to potential threats on web applications.
How does a web application vulnerability scanners dynamically responds?
Scanner can only scan and not respond!
Answer is C "RASP uses the context provided by deep visibility into these applications to identify and block attacks that slip by the Web Application Firewall." https://www.checkpoint.com/cyber-hub/cloud-security/what-is-runtime-application-self-protection-rasp/#
B = Detect C = Respond
Web scan obviously can't dynamicly respond to threats. It's C.
Web application vulnerability scanners are a specialised type of vulnerability scanner which focus on finding weaknesses in web applications and websites. Run Time Application Self-Protection is designed to detect attacks on an application in real time. When an application is running, RASP can protect application from malicious attacks by analyzing both the app’s behavior and the context of that behavior. App can continuously monitor its real time behavior pattern of traffic, where attacks can be identified and mitigated immediately without human intervention.
C- correct answer Runtime application self-protection (RASP) can be used to monitor and dynamically respond to potential threats on web applications. Runtime Application Self-Protection (RASP) is a security technology that provides real-time monitoring of web applications and dynamically responds to potential threats. RASP is integrated into the web application and runs alongside the application code, providing visibility into the application's runtime environment and the ability to detect and respond to threats in real-time. RASP can detect and block attacks such as SQL injection, cross-site scripting (XSS), and file inclusion vulnerabilities. Web application vulnerability scanners are tools that automate the process of identifying security vulnerabilities in web applications, but it does not provide real-time monitoring and dynamic response to potential threats.
Vulnerabiity scanners just scan for vulnerabilities, they dont respond to vulnerabilities
RASP is the answer
RASP for the same reasons provided by Dee83 and mekd
The technology that can be used to monitor and dynamically respond to potential threats on web applications is option C: Runtime application self-protection (RASP). Runtime application self-protection (RASP) is a security technology that is integrated directly into an application's runtime environment. It is designed to monitor the application's behavior and detect and respond to potential security threats in real-time. RASP solutions have the ability to detect and prevent attacks such as SQL injection, cross-site scripting (XSS), and other common web application vulnerabilities.
C. Runtime Application Self-Protection (RASP) is a security technology that is designed to protect web applications and APIs by monitoring and defending against attacks in real-time while the application is running. RASP solutions are typically integrated directly into the application or its runtime environment.
Answer C) Runtime Application Self-Protection (RASP) https://en.wikipedia.org/wiki/Runtime_application_self-protection
RASP, vulnerability scanners do not respond
The BEST technology for monitoring and dynamically responding to potential web application threats is: C. Runtime application self-protection (RASP) Here's why RASP is the most suitable choice: Real-time Defense: RASP operates within the application itself, meaning it can detect and block attacks in real-time as they're happening, unlike other options that are often more focused on pre-deployment checks. Behavior-Based Detection: RASP analyzes application behavior and looks for anomalies or malicious code execution attempts. This allows it to catch attacks that traditional signature-based tools might miss. Dynamic Response: A key feature of RASP is its ability to dynamically respond to attacks. It can block the malicious request, send an alert, or even quarantine suspicious code, preventing harm.
RASP and Cloud Security RASP is an important component within the organization’s cloud security strategy, more particularly for cloud application security. As companies increasingly leverage the cloud to advance business transformation efforts, enable new business models and activate a remote workforce, they must also ensure that all business conducted in a cloud or hybrid environment is safe and secure. Traditional security measures are not equipped to deliver protection in the cloud, which means that organizations must craft a new strategy and adopt new tooling, including application-level policies, tools, technologies and rules — chief among them RASP — to maintain visibility into all cloud-based assets, protect cloud-based applications from cyberattacks and limit access only to authorized users.