Analyst Webcast: RASP vs. WAF: Comparing Capabilities and Efficiencies
- Friday, August 14th, 2015 at 3:00 PM EDT (19:00:00 UTC)
- Jake Williams
Web application firewalls (WAFs) protect web applications and servers from web-based attacks by sitting inline and monitoring traffic to and from them. The difference between a traditional IPS and a WAF lies in the ability to analyze Layer 7 web application logic: IPSes merely interrogate traffic against signatures and anomalies, while WAFs interrogate the behavior and logic of what is requested and returned to protect against web application threats like SQL injection, cross-site scripting, session hijacking, parameter or URL tampering and buffer overflows. A WAF is a classic "bolt-on" network security measure that too often has little (if any) visibility into application logic, configuration or the flow of data and events. To address these issues, organizations are deploying an emerging technology, "runtime application self-protection" (RASP), which, as the name suggests, builds self-defense capabilities into the runtime environment itself. This webcast will explore the relative capabilities and efficiencies of RASP and WAF technologies, and discuss a blind, vendor-anonymous review of a representative product in each category.
Sign up for this webcast and be among the first to receive an advance copy of a SANS whitepaper discussing the relative strengths and capabilities of RASP and WAFs.
View the associated whitepaper here.
Jake Williams is a principal consultant at Rendition Infosec. He has more than a decade of experience in secure network design, penetration testing, incident response, forensics, and malware reverse engineering. Before founding Rendition Infosec, Jake worked with various cleared government agencies in information security roles. Jake is the co-author of the SANS FOR610 course (Malware Reverse Engineering) and the FOR526 course (Memory Forensics). He is also a contributing author for the SEC760 course (Advanced Exploit Development). In addition to teaching these courses, Jake also teaches a number of other forensics and security courses. He is well versed in cloud forensics and previously developed a cloud forensics course for a US Government client.