Difference between revisions of "OWASP Secure Software Development Lifecycle Project"
From OWASP
m (Tag: Visual edit) |
m (→If I am not a programmer can I participate in your project?) (Tag: Visual edit) |
||
Line 524: | Line 524: | ||
== Tools == | == Tools == | ||
* OpenRASP | * OpenRASP | ||
− | Unlike perimeter control solutions like WAF, OpenRASP directly integrates its protection engine into the application server by instrumentation. It can monitor various events including database queries, file operations and network requests etc. | + | OpenRASP is an open-source, free and self-adapting security tool made for OWASP S-SDLC Security Deployment & SecDevOps phase. |
+ | |||
+ | It can provide functions like threat detection, data stream monitor, quick-response to production by the deep integration of its protection engine. | ||
+ | |||
+ | Unlike other perimeter control solutions like WAF, OpenRASP directly integrates its protection engine into the application server by instrumentation. It can monitor various events including database queries, file operations and network requests etc. | ||
When an attack happens, WAF matches the malicious request with its signatures and blocks it. OpenRASP takes a different approach by hooking sensitive functions and examines/blocks the inputs fed into them. As a result, this examination is context-aware and in-place. It brings in the following benefits: | When an attack happens, WAF matches the malicious request with its signatures and blocks it. OpenRASP takes a different approach by hooking sensitive functions and examines/blocks the inputs fed into them. As a result, this examination is context-aware and in-place. It brings in the following benefits: | ||
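Review bot: In the rewritten paragraph starting "Unlike other perimeter control solutions like WAF", the added word "other" classes OpenRASP as a perimeter control itself, which contradicts the rest of the same sentence (the engine is integrated into the application server by instrumentation); drop "other" so the contrast with WAF holds. The two new introductory sentences also use "self-adapting", "data stream monitor" and "quick-response to production" without defining them; tie them to the mechanism the following context line already describes (hooking sensitive functions and examining the inputs fed into them) or remove them, and fix the grammar ("data stream monitoring", "quick response").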
Line 534: | Line 538: | ||
3. Insusceptible to malformed protocol. | 3. Insusceptible to malformed protocol. | ||
− | Detailed documents available on github. | + | Detailed documents available on [https://github.com/baidu/openrasp github]. |
== Libraries == | == Libraries == | ||
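Review bot: On the changed "Detailed documents available on ..." line, the external link is labelled with the bare word "github", which does not tell a reader what the target is before they follow it; name the destination in the label, for example [https://github.com/baidu/openrasp OpenRASP repository on GitHub], and add the missing verb ("Detailed documents are available ..."). If the documents sit at a more specific location than the repository root, link to that location instead.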
Line 540: | Line 544: | ||
== Technical Docs == | == Technical Docs == | ||
− | To be added | + | To be added. |
<!-- DO NOT ALTER OR REMOVE THE TEXT ON NEXT LINE -->__NOTOC__ <headertabs></headertabs> | <!-- DO NOT ALTER OR REMOVE THE TEXT ON NEXT LINE -->__NOTOC__ <headertabs></headertabs> |