The Wave: Prevoty Leads the RASP Market

Featured article by Jeffrey C. Steuart, Tech Professional and Author

The latest Forrester Wave™: Runtime Application Self-Protection report for Q1 2018 names Prevoty as the sector’s sole leader.

“Forrester’s research uncovered a market in which Prevoty leads the pack,” wrote Amy DeMartine, Principal Analyst at Forrester. Forrester also identified Prevoty as differentiated in the criteria of attack detection, management UI, attack response, zero-day attacks, reporting and analysis, feedback loops, vision, and market approach.

“Prevoty leads the pack with robust attack detection, response, and visibility. Prevoty’s RASP tool can protect Java, .NET, Python, PHP, and Ruby applications using the vendor’s own language parsing, with responses including redirect, sanitize, terminate, transform, and signal. Prevoty includes out-of-the-box SIM integrations as well as flexible ad hoc reporting,” the report states.

Assessment criteria included: attack detection, management UI, attack response, zero-day attacks, reporting and analysis, feedback loops, performance load, vision, roadmap and market approach. TCO and ease of configuration and maintenance were also factored in to Forrester’s evaluation of eight RASP vendors, including Prevoty, Waratek, tCell, Contrast Security, Signal Sciences, Avocado Systems, Micro Focus and CA Veracode.

Prevoty recently marked another significant milestone with the introduction of fully autonomous application protection. Prevoty’s RASP solution deploys via autonomous plugins that perform without dependencies on network connections, enabling fast deployments, without risks of latency, network calls, data leakage or man-in-the-middle attacks.

Stopping Struts2: Prevoty’s solution was recently field-proven at major scale with the Struts2 vulnerabilities. The Company reports that its customers’ applications remained secure and protected from application-targeted attacks, including those organizations whose apps leveraged third-party components with unpatched Struts2 vulnerabilities.

“Enterprises have realized that the software they build, buy, and rely on to conduct business is inherently vulnerable to attackers,” said Kunal Anand, CTO and Co-Founder of Prevoty. “Our industry has failed to protect applications and data as we’ve relied on a two-prong approach: making developers responsible to build secure code and deploying network appliances at the edge. It’s only getting worse. Applications are becoming more complex and dynamic. Public cloud transformations and the rapid deployment promised by DevOps are making it challenging for security teams.”

In today’s attack-heavy environment, applications and services require embedded security controls to help mitigate vulnerabilities, prevent zero-day attacks, increase visibility and improve risk management. These and other requirements are expected to continue driving rapid growth in the RASP market. A copy of the Forrester Wave™: Runtime Application Self-Protection report for Q1 2018 is available here.

Jeff Steuart is an IT professional in a commercial real estate analysis practice serving leading development and engineering organizations.