Description
Runtime protection, or Runtime Application Self-Protection (RASP), is an advanced security approach that integrates directly within an application's runtime environment, enabling it to detect, prevent, and respond to security threats in real time. Unlike traditional security measures that act at the network or perimeter level, runtime protection operates from within the application itself, continuously monitoring application behavior and identifying malicious activity as it occurs. This approach allows RASP to immediately block attacks like SQL injection, cross-site scripting (XSS), and other exploit attempts, even if vulnerabilities are present in the application code. By securing the application from the inside, runtime protection ensures that threats are mitigated dynamically, offering a critical layer of security tailored to the unique needs of each application and adapting to new threats as they emerge. Aarno Labs has a long history of developing runtime protection systems, including systems that protect against injections via low-cost taint analysis and systems that enforce fine-grained privileges for the libraries of a single application.
Solutions
- Lucien: Supply Chain Telemetry, Assessment, and Protection
Papers
- Precise and Comprehensive Provenance Tracking for Android Devices. MIT Technical Report, 2019
- SARAN: A System for Android Application Interposition. Aarno Labs Technical Report, 2021
- BinWrap: Hybrid Protection Against Native Node.js Add-ons. Asia CCS, 2023
- Preventing Dynamic Library Compromise on Node.js via RWX-Based Privilege Reduction. CCS, 2021
- Mir: Automated Quantifiable Privilege Reduction Against Dynamic Library Compromise in JavaScript. arXiv, 2021