Injecting security into web apps in the runtime


Author: Ajin Abraham

This paper discusses the research outcomes of implementing a runtime application patching algorithm on an insecurely coded application to protect it against code injection vulnerabilities and other logical issues related to web applications. It introduces the next-generation web application defense technology dubbed Runtime Application Self-Protection (RASP), which defends against web attacks by working inside your web application. RASP relies on runtime patching to inject security into web apps implicitly, without introducing additional code changes. The talk concludes with the challenges in this new technology and gives you an insight into the future of runtime protection.

Language: English

Ajin Abraham is a security engineer for IMMUNIO with 7+ years of experience in application security, including 4 years of security research. He is passionate about developing new and unique security tools. Some of his contributions to the hacker arsenal include OWASP Xenotix XSS Exploit Framework, Mobile Security Framework (MobSF), Xenotix xBOT, and NodeJsScan. He has been invited to speak at multiple security conferences: ClubHack, Nullcon, OWASP AppSec, Black Hat (Europe, U.S., Asia), Hack Miami, Confidence, ToorCon, Ground Zero Summit, Hack In the Box, and c0c0n.
