DETECT AND BLOCK ATTACKS AGAINST APPLICATIONS IN REAL-TIME
Veracode Runtime Protection
Enable secure application deployments without operational maintenance
Organizations like yours are increasingly leveraging software applications you build, compose or buy to gain competitive advantage. Development teams are pressured to deliver quality work on-time, often at the expense of security. The ability to exploit software vulnerabilities and the potential of significant financial gain has made web applications the most common breach vector. Mitigating a vulnerability may not be an option due to time to market or lack of access to the source code. Web application firewalls (WAFs) are frequently deployed as a quick fix, but they require a lot of maintenance and often run in monitoring-only mode for fear of false positives.
Veracode Runtime Protection defends against application-layer attacks in real-time. Unlike a WAF, Veracode Runtime Protection is simple to deploy and does not require engineering resources to implement and tune it because it uses a technology called runtime application self-protection (RASP). Veracode Runtime Protection provides more effective protection, is harder for attackers to evade, and has much higher accuracy – so you won’t be distracted by noisy false positives. You can even deploy it in pre-production to ensure its functionality is tested as part of your QA process. Third-party and legacy applications can be secured without requiring code changes or interrupting engineering priorities.
Runtime Application Self Protection
Protect applications at runtime without touching code
Veracode Runtime Protection does not require you to change source code. It is installed in minutes on your application server and instantly begins monitoring and protecting you from attacks – no tuning required. The technology is great for defense in depth or as an easy option to start your application security program. Even if you operate legacy or third-party applications, or use open source components in your web app, Veracode Runtime Protection provides an excellent option for mitigating vulnerabilities. No development effort is required to get Veracode Runtime Protection installed and running.
Monitor and block attacks, integrate with security operations
You can set Veracode Runtime Protection to monitor or block. In monitoring mode, it alerts you about active threats and logs an audit trail. In blocking mode, Veracode Runtime Protection also prevents the attack from being executed. Attack data is logged in a central management console and can be fed into a SIEM to alert the security operations team.
Broaden your options for reducing application risk
Risk management is all about business trade-offs: With Veracode Runtime Protection, you add the option to instantly mitigate certain vulnerabilities without involving developers as an alternative to requesting a code change, so you’re increasing development speed while managing your risk. Veracode Runtime Protection helps companies comply with regulations, such as PCI DSS, by providing an automated solution that detects and prevents web-based attacks.