RASPunzel

Project RASPunzel aims to deliver an automated and scalable runtime application self-protection (RASP) solution for Java.

Project Overview

How it works

Project RASPunzel brings RASP to the next level by synthesizing lightweight security monitors that can run along a production application and prevent attacks in real-time.

Key challenges

When it comes to security, there is no one-size-fits-all solution. RASPunzel aims to continuously synthesize, update, and deploy custom RASP monitors based on data collected from the applications themselves.

Different vulnerabilities also call for different monitors and synthesis strategies. Our current research focus is regular expression and grammar inference applied to the synthesis of lightweight deserialization, injection (e.g. SQLi, XML, and others) and cryptographic misuse monitors.
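
To make the idea of a synthesized deserialization monitor concrete, here is an added example (not RASPunzel's code, and not a description of its inference algorithm): it learns an allowlist from class names recorded during benign runs and enforces it with the JDK's java.io.ObjectInputFilter (Java 9+). The package-generalization threshold, the class name InferredDeserializationMonitor and the observed class names are assumptions constructed for illustration.

```java
import java.io.*;
import java.util.*;

public class InferredDeserializationMonitor {

    // Hypothetical inference step: a package observed with >= 2 distinct classes
    // is generalized to "pkg.*"; anything else stays an exact class name.
    static String inferPattern(Collection<String> observed) {
        Map<String, Set<String>> byPackage = new TreeMap<>();
        for (String name : observed) {
            int dot = name.lastIndexOf('.');
            String pkg = dot < 0 ? "" : name.substring(0, dot);
            byPackage.computeIfAbsent(pkg, k -> new TreeSet<>()).add(name);
        }
        List<String> parts = new ArrayList<>();
        byPackage.forEach((pkg, classes) -> {
            if (!pkg.isEmpty() && classes.size() >= 2) parts.add(pkg + ".*");
            else parts.addAll(classes);
        });
        parts.add("!*"); // default deny: reject every class that was not learned
        return String.join(";", parts);
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) { oos.writeObject(o); }
        return bos.toByteArray();
    }

    // The monitor: the JDK runs the filter on each class descriptor before instantiation.
    static String monitor(byte[] data, ObjectInputFilter filter) throws Exception {
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(data))) {
            ois.setObjectInputFilter(filter);
            return "ALLOWED " + ois.readObject().getClass().getName();
        } catch (InvalidClassException e) {
            return "BLOCKED " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample of class names recorded during benign runs.
        List<String> observed = List.of(
            "com.example.orders.Order", "com.example.orders.LineItem", "java.util.Date");
        String pattern = inferPattern(observed);
        System.out.println(pattern);
        ObjectInputFilter filter = ObjectInputFilter.Config.createFilter(pattern);
        System.out.println(monitor(serialize(new Date(0L)), filter));
        System.out.println(monitor(serialize(new HashMap<String, String>()), filter));
    }
}
```

The generalization threshold is the trade-off to tune: a lower value reduces false positives on unseen but legitimate classes, while a higher value keeps the allowlist tight.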

Principal Investigator

Francois Gauthier

Consulting Researcher

Industrial researcher with 10+ years leading research projects in program analysis and cybersecurity. Currently leading the Possum Pie project with an aim to check, tighten and ultimately infer security policies for cloud-native applications.

I am passionate about leading highly technical R&D projects and developing industrial tooling to automatically reason about code and detect vulnerabilities before they reach customers. Throughout my career, I have developed and patented static, dynamic, runtime and fuzzing analyses. I have also led explorations of PDF and MS Office malware detection.

Publications