Unlike perimeter control solutions like WAF, OpenRASP directly integrates its protection engine into the application server by instrumentation. It can monitor various events including database queries, file operations and network requests etc.
When an attack happens, WAF matches the malicious request with its signatures and blocks it. OpenRASP takes a different approach by hooking sensitive functions and examines/blocks the inputs fed into them. As a result, this examination is context-aware and in-place. It brings in the following benefits:
See detailed installation instructions here
We also provide a few test cases that are corresponding to OWASP TOP 10 attacks, download here
We've fully tested OpenRASP on the following application servers for Linux platforms:
The support of other web application servers will also be soon included in the coming releases.
We ran multiple intense and long-lasting stress tests prior to release. Even in the worst-case scenario (where the hook point got continuously triggered) the server’s performance was only reduced by 1~4%
OpenRASP logs alarms in JSON format, which can be easily picked up by LogStash, rsyslog or Flume.
A plugin receives a callback when an event occurs. It then determines if the current behavior is malicious or not and blocks the associated request if necessary.
Detailed plugin development instructions can be found here
Technical support:
Business inquires, comments, concenrs and opinions:
fuxi-pm # baidu.com
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。