
Analyst Webcast: RASP vs. WAF: Comparing Capabilities and Efficiencies

  • Friday, August 14th, 2015 at 3:00 PM EDT (19:00:00 UTC)
  • Jake Williams
This webcast has been archived.


  • HP


RASP vs. WAF: Comparing Capabilities and Efficiencies

Web application firewalls (WAFs) protect web applications and servers from web-based attacks by sitting inline and monitoring traffic to and from them. The difference between a traditional IPS and a WAF lies in the ability to analyze Layer 7 web application logic: IPSes merely interrogate traffic against signatures and anomalies, while WAFs interrogate the behavior and logic of what is requested and returned to protect against web application threats like SQL injection, cross-site scripting, session hijacking, parameter or URL tampering and buffer overflows. The WAF is a classic "bolt-on" network security measure that too often has little (if any) visibility into application logic, configuration or the flow of data and events. To address these issues, organizations are deploying an emerging technology, "runtime application self-protection" (RASP), which, as the name suggests, builds self-defense capabilities into the runtime environment itself. This webcast will explore the relative capabilities and efficiencies of RASP and WAF technologies, and discuss a blind, vendor-anonymous review of a representative product in each category.

Sign up for this webcast and be among the first to receive an advance copy of a SANS whitepaper discussing the relative strengths and capabilities of RASP and WAFs.

Speaker Bio

Jake Williams

Jake Williams is a principal consultant at Rendition Infosec. He has more than a decade of experience in secure network design, penetration testing, incident response, forensics, and malware reverse engineering. Before founding Rendition Infosec, Jake worked with various cleared government agencies in information security roles. Jake is the co-author of the SANS FOR610 course (Malware Reverse Engineering) and the FOR526 course (Memory Forensics). He is also a contributing author for the SEC760 course (Advanced Exploit Development). In addition to teaching these courses, Jake also teaches a number of other forensics and security courses. He is well versed in cloud forensics and previously developed a cloud forensics course for a US Government client.
