[Owasp-boston] June 14 Meeting - Is RASP Ready, and more

Jim Weiler jim.weiler at owasp.org
Tue May 16 18:24:45 UTC 2017

SalesForce (was Demandware) 5 Wall St. Burlington, MA

5:30 chat, brew and chew

6:30 announcements; OAuth in general and Google doc phishing; OWASP
Dependency Checker and using OpenSource in general; audience questions;
infosec news

7:00 Is RASP Ready?     TCell.io     *Michael Feiertag, CEO and Co-Founder*

Runtime Application Self-Protection is overhyped, according to many
analysts and pundits. RASP promises applications that protect themselves -
which sounds impossible - how can an application possibly protect itself?
An agent that sits inside the app sounds like a deployment nightmare at
worst, and a drain on the app at best. What’s the reality? Where are we now
and what have we learned?

We’ve seen deployment successes and failures, and we will draw from those
specific experiences to describe:
Where does RASP work?
● What applications are well-suited for RASP?
● What types (organizational structure, culture, or skillset) of
organizations are well-suited for RASP?

What is the reality of RASP?
● Is RASP a deployment model or a feature set?
● How mature is RASP? Is it an over-hyped immature space, enterprise-ready,
or somewhere in between?
● Which RASP capabilities do organizations use? And how do they validate
those capabilities in their own environments?
● Can RASP replace the WAF?

We will conclude, not with a sales pitch, but some lessons learned on: the
three must have attributes for RASP, some suggestions on good candidates
for RASP – both types of teams and types of applications, and finally - if,
how, and when to get started.

Michael Feiertag is CEO and co-founder of tCell.io.  Before co-founding
tCell at the end of 2014, Michael led a string of successful products –
most recently as head of products at Okta, and prior to that, as technology
director at Blue Coat.  Prior to Blue Coat, Michael held product
management, engineering, and sales positions at several start-ups.  Michael
holds a B.S. from The University of Chicago, and an M.S. from the
University of Maryland.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-boston/attachments/20170516/05d5f3dd/attachment.html>

More information about the Owasp-boston mailing list