For the most part, new technology is evolutionary, it advances on the innovations of the past. An example of evolutionary technology in the security world would be next generation firewall. It advanced the technology already created to provide some new capabilities.
Every so often, we see a technology that is innovative, and even rarer a truly transformational technology, or an innovation that changes the way a problem is solved and from which new technology will spring. RASP (Runtime Application Self-Protection) is just such a technology, and will change the way we look at security.
Existing security technologies fail to protect and diagnose our production applications. There are several reasons why they fail:
RASP is a unique technology that solves all the deficiencies described above. RASP, typically, gets instrumented into application runtime engine: into a JVM, .Net CLR, Apache server, etc. It becomes an additional feature of such engine, capable of detecting attacks and protecting against them. Being an integral part of the runtime, it has a comprehensive view of the logic flow, data flow, and configuration. It can be instrumented in the engine whether it runs on-premise, in the cloud, or on a mobile device (the latter is a coming capability, but coming inevitably). Perimeter is irrelevant for RASP: It is equally vigilant against insiders and outsiders. And it does not make changes to application code.
And, just as we saw multiple technologies arise from the advancement of network packet inspections, (firewalls, UTMs, web gateways, etc.), as RASP technology continues to mature, we will see other technologies spin out of its capabilities. All that makes RASP a transformational paradigm and technology, which advances application protection to an unseen level of assurance.