Runtime Application Self-Protection (RASP) is a security technology built into an application to monitor and protect it as it runs. RASP works by detecting and blocking attacks in real time from within the application itself. It helps identify threats such as code injection or unauthorised access, often stopping them before they can cause any damage.
Category: Cybersecurity
Web Application Firewall (WAF)
A Web Application Firewall (WAF) is a security system that monitors, filters, and blocks harmful traffic to and from web applications. It acts as a protective barrier between a website and the internet, helping to stop attacks such as SQL injection, cross-site scripting, and other common threats. By analysing incoming and outgoing web requests, a…
API Rate Limiting
API rate limiting is a technique used to control how many requests a user or system can make to an API within a set period. This helps prevent overloading the server, ensures fair access for all users, and protects against misuse or abuse. By setting limits, API providers can maintain reliable service and avoid unexpected…
Browser Isolation
Browser isolation is a security technique that separates web browsing activity from the rest of a computer or network. It works by running browser sessions in a secure, isolated environment, often on a remote server or a virtual machine. This way, if a user visits a malicious website, any harmful code or malware is contained…
Certificate Transparency
Certificate Transparency is a system that helps make digital certificates, which secure websites, more open and trustworthy. It works by publicly logging every certificate issued, so anyone can check for mistakes or unauthorised certificates. This helps prevent attackers from creating fake certificates to impersonate websites and improves overall trust in internet security.
Secure File Transfer
Secure file transfer refers to the process of sending files from one device or location to another in a way that protects the contents from unauthorised access or tampering. This is usually achieved by using encryption, which scrambles the data so only the intended recipient can read it. Secure file transfer methods also ensure that…
Content Security Policy (CSP)
Content Security Policy (CSP) is a security feature in web browsers that helps prevent malicious scripts and other harmful content from running on websites. It works by letting website owners specify which sources of content are allowed to be loaded, such as images, scripts, and stylesheets. By setting these rules, CSP can stop many types…
Cross-Site Scripting (XSS) Mitigation
Cross-Site Scripting (XSS) mitigation refers to the methods used to protect websites and applications from XSS attacks, where malicious scripts are injected into web pages viewed by other users. These attacks can steal data, hijack sessions, or deface websites if not properly prevented. Mitigation involves input validation, output encoding, proper use of security headers, and…
Data Loss Prevention (DLP)
Data Loss Prevention (DLP) refers to a set of tools and processes designed to stop sensitive data from being lost, leaked, or accessed by unauthorised people. It monitors how data is used, moved, and shared within an organisation and outside of it. DLP systems can automatically block, alert, or encrypt data when a risk is…
Cryptographic Key Rotation
Cryptographic key rotation is the process of replacing old encryption keys with new ones on a regular basis or when a key is suspected of being compromised. This practice helps protect sensitive data by reducing the risk of unauthorised access if a key is exposed. It also ensures that even if a key is discovered,…