LAST UPDATED September 22, 2023
The log4j vulnerability highlighted the need for runtime protection for APIs and apps. As security engineers responded to Log4j attacks and deployed patches for attack variants in late 2021, the limitations of only observing HTTP request and response pairs became obvious. While the HTTP requests provided a lot of information, it took security engineers longer than they wanted to understand what attackers were targeting, what techniques they were using, and how they were going about it.
Learn more about the importance of visibility beyond HTTP.
Ultimately, it became clear that:
- Runtime protection is critical for stopping malware and other malicious runtime threats from impacting APIs and applications in a timely manner.
- An application and API security solution that includes events from the application host itself, via process monitoring, would have enough information to quickly take decisive action on runtime threats.
To help you better understand this challenge and how to address it, we just published All You Need to Know About Protecting Against Runtime Threats to APIs and Applications.
This graphical and easy-to-read whitepaper will help you understand runtime API and app attacks, the challenges in defending against them, different defense approaches, what eBPF is and how it can play a role, and, finally, how ThreatX is facing this challenge.
It answers:
- What are runtime API and app threats?
- Why does runtime API and app protection matter?
- What can the log4j experience tell us about runtime API and app protection?
- What should I look for in a runtime API and app protection solution?
- What is eBPF?
- How can eBPF address this challenge?
- How is the ThreatX offering different from RASP?
As the API and application attack surface grows, defense in depth becomes critical. Part of that includes protecting APIs and apps from the development phase, to the edge, to runtime. Use this whitepaper to better understand runtime threats against and protection for APIs and apps.