Exam CISSP topic 1 question 48 discussion

C https://www.crowdstrike.com/cybersecurity-101/cloud-security/runtime-application-self-protection-rasp/ Application protection: Detecting and blocking security vulnerabilities and malicious activity within the application during runtime Threat intelligence: Providing deep, code-level visibility within the application and producing insights that help the security team understand who is attacking their organization, their methods and motivations

Runtime application self-protection (RASP) is the technology that best fits the description. RASP agents are embedded within web applications and can monitor application behavior in real time, detecting and responding to potential threats as they occur. This makes RASP a powerful tool for protecting web applications from attacks like SQL injection, cross-site scripting, and others

Web application vulnerability scanners find vulnerabilities before an attacker can exploit them, but Runtime Application Self-Protection (RASP) is technology that incorporates security functionality within software applications to prevent malicious attacks while the application is running. RASP focuses on the application itself, using sensors embedded within the software, as well as contextual information, to monitor the application during runtime, address specific vulnerabilities that exist within each piece of software, and stop threats automatically and in real time. Based on this I will go for C

RASP and Cloud Security RASP is an important component within the organization’s cloud security strategy, more particularly for cloud application security. As companies increasingly leverage the cloud to advance business transformation efforts, enable new business models and activate a remote workforce, they must also ensure that all business conducted in a cloud or hybrid environment is safe and secure. Traditional security measures are not equipped to deliver protection in the cloud, which means that organizations must craft a new strategy and adopt new tooling, including application-level policies, tools, technologies and rules — chief among them RASP — to maintain visibility into all cloud-based assets, protect cloud-based applications from cyberattacks and limit access only to authorized users.

The BEST technology for monitoring and dynamically responding to potential web application threats is: C. Runtime application self-protection (RASP) Here's why RASP is the most suitable choice: Real-time Defense: RASP operates within the application itself, meaning it can detect and block attacks in real-time as they're happening, unlike other options that are often more focused on pre-deployment checks. Behavior-Based Detection: RASP analyzes application behavior and looks for anomalies or malicious code execution attempts. This allows it to catch attacks that traditional signature-based tools might miss. Dynamic Response: A key feature of RASP is its ability to dynamically respond to attacks. It can block the malicious request, send an alert, or even quarantine suspicious code, preventing harm.

RASP, vulnerability scanners do not respond

Vulnerabiity scanners just scan for vulnerabilities, they dont respond to vulnerabilities

Answer C) Runtime Application Self-Protection (RASP) https://en.wikipedia.org/wiki/Runtime_application_self-protection

C. Runtime Application Self-Protection (RASP) is a security technology that is designed to protect web applications and APIs by monitoring and defending against attacks in real-time while the application is running. RASP solutions are typically integrated directly into the application or its runtime environment.

The technology that can be used to monitor and dynamically respond to potential threats on web applications is option C: Runtime application self-protection (RASP). Runtime application self-protection (RASP) is a security technology that is integrated directly into an application's runtime environment. It is designed to monitor the application's behavior and detect and respond to potential security threats in real-time. RASP solutions have the ability to detect and prevent attacks such as SQL injection, cross-site scripting (XSS), and other common web application vulnerabilities.

RASP for the same reasons provided by Dee83 and mekd

C- correct answer Runtime application self-protection (RASP) can be used to monitor and dynamically respond to potential threats on web applications. Runtime Application Self-Protection (RASP) is a security technology that provides real-time monitoring of web applications and dynamically responds to potential threats. RASP is integrated into the web application and runs alongside the application code, providing visibility into the application's runtime environment and the ability to detect and respond to threats in real-time. RASP can detect and block attacks such as SQL injection, cross-site scripting (XSS), and file inclusion vulnerabilities. Web application vulnerability scanners are tools that automate the process of identifying security vulnerabilities in web applications, but it does not provide real-time monitoring and dynamic response to potential threats.

Web application vulnerability scanners are a specialised type of vulnerability scanner which focus on finding weaknesses in web applications and websites. Run Time Application Self-Protection is designed to detect attacks on an application in real time. When an application is running, RASP can protect application from malicious attacks by analyzing both the app’s behavior and the context of that behavior. App can continuously monitor its real time behavior pattern of traffic, where attacks can be identified and mitigated immediately without human intervention.

RASP is the answer

Web scan obviously can't dynamicly respond to threats. It's C.

B = Detect C = Respond

Answer is C "RASP uses the context provided by deep visibility into these applications to identify and block attacks that slip by the Web Application Firewall." https://www.checkpoint.com/cyber-hub/cloud-security/what-is-runtime-application-self-protection-rasp/#