But what does it mean? Why might this be something to consider in the future?
But what is SAP doing about Deceptive Application and RASP? What do these terms mean?
This is an approach to security from a different point of view. Today, more than ever, systems are complex and difficult to secure, for example against stolen credentials or zero-day exploits.
This is why using "non-real" systems to study malicious behaviour can be valuable. It also helps us learn how to operate in conditions where we often cannot anticipate the problem in advance (e.g., a zero-day attack), or to identify possible attacks and divert them to non-critical clone machines.
The aim is to build systems that look real in every respect but are not, simply to see whether they are vulnerable and to assess the effects of a possible attack.
RASP is an acronym that stands for Runtime Application Self-Protection; the idea is to have applications that can notice when "something is wrong" and then act accordingly.
These are pieces of code or libraries that trigger when certain events occur, protecting the application itself from ongoing attacks.
What are the main characteristics of these applications:
The idea SAP is investigating is to create honeytokens, i.e., specific patterns for recognising attacks, so that attacks can be directed at honeypot machines or applications and knowledge about them gathered.
Honeytokens could be applied at different levels of the technology in use today: applications, databases, platforms, and so on.
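To make the two ideas above concrete, here is an added example (not SAP's code or any real product) of a RASP-style request guard that recognises planted honeytokens and, instead of serving the request, routes the caller to a decoy backend while recording an alert. The token values, request shape and backend names are all constructed for the illustration.

```python
import hmac
from dataclasses import dataclass, field

# Constructed honeytokens: values no legitimate client will ever send.
# Any request carrying one of them is, by construction, an attack indicator.
HONEYTOKENS = {
    "api_key": "hk_live_7f3c9a1e2b4d",          # planted in a fake config file
    "username": "svc_backup_admin",            # planted in a decoy user list
    "resource": "/internal/export/cards.csv",  # planted as a decoy link
}

@dataclass
class Request:
    headers: dict
    user: str
    path: str

@dataclass
class Guard:
    """In-process guard: the application inspects its own traffic at runtime."""
    alerts: list = field(default_factory=list)

    def _matches(self, name: str, value: str) -> bool:
        # Constant-time comparison so timing does not reveal the planted value.
        return hmac.compare_digest(HONEYTOKENS[name], value or "")

    def inspect(self, req: Request) -> str:
        hits = [name for name, value in (
            ("api_key", req.headers.get("X-API-Key", "")),
            ("username", req.user),
            ("resource", req.path),
        ) if self._matches(name, value)]
        if not hits:
            return "production"  # normal path, request untouched
        # Self-protection action: log the event and divert the caller to a
        # non-critical clone instead of the real backend.
        self.alerts.append({"user": req.user, "path": req.path, "tokens": hits})
        return "decoy"

SAMPLE_REQUESTS = [  # constructed traffic: one benign, two touching honeytokens
    Request({"X-API-Key": "real-key-1234"}, "alice", "/orders"),
    Request({"X-API-Key": "hk_live_7f3c9a1e2b4d"}, "alice", "/orders"),
    Request({}, "svc_backup_admin", "/internal/export/cards.csv"),
]

def route(requests: list) -> tuple:
    """Return (backend chosen per request, alerts raised) for a batch."""
    guard = Guard()
    return [guard.inspect(r) for r in requests], guard.alerts
```

Each alert carries which tokens fired, which is the "knowledge about the attack" the text refers to; in a real deployment it would be forwarded to monitoring rather than kept in a list.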
But besides honeytokens, what are the other tools that could potentially be considered?
Only applications designed with this in mind from the start could support such technology. We will see!
Topics: sap cyber security, cyber security deception