runtime-protection
Safeguard articles tagged "runtime-protection" — guides, analysis, and best practices for software supply chain and application security.
10 articles
Container escape techniques and defense in depth
CVE-2024-21626 let a leaked file descriptor turn runc exec into host root. Here's how container escapes actually work — and the layers that stop them.
Connecting build, deploy, and runtime security into one AppSec lifecycle
The XZ Utils backdoor (CVE-2024-3094) was found in the build chain; most tools that would have caught it stop at deploy. Here's how to close that gap.
A Practical Container Security Checklist: From Base Image to Runtime
Standard Docker Hub images ship 50-60 known CVEs on average. Here's the checklist that gets containers from base image to runtime without carrying them along.
Why static scanning misses runtime threats (the case for ...
Trivy's build-time CVE scans miss fileless malware, reverse shells, and live threats. Here's how ATT&CK-mapped runtime protection closes the gap.
Announcing Kubernetes workload protection in Snyk Container
Snyk added Kubernetes workload protection to Snyk Container. Here's what it does, why it matters now, and what security teams should ask before relying on it.
WAF vs RASP
WAF vs RASP: how edge filtering and runtime protection differ, why Log4Shell exposed WAF blind spots, and when security teams need both layers.
What is Runtime Protection
Runtime protection catches what pre-deployment scanning can't — live attacks like the XZ Utils backdoor and Log4Shell exploitation, detected only in production.
What is RASP
RASP runs inside an application and blocks attacks in real time, from the inside out. Here's how it works, how it differs from a WAF, and where it fits.
Aqua Security Platform Review: Cloud Native Security Done Right
An in-depth review of the Aqua Security platform covering container security, runtime protection, Kubernetes scanning, and how it fits into a modern DevSecOps workflow.
Runtime Application Self-Protection (RASP): A Practical Guide
RASP embeds security directly into the application runtime, detecting and blocking attacks from inside the app. It's powerful, controversial, and misunderstood. Here's what actually works.