Application of static taint analysis in RASP protection strategy

Abstract

Program analysis plays an important role in ensuring the safety and correctness of Programs. Based on the cloud native security system and from the perspective of building a secure runtime application, this paper introduces the key technologies and algorithms in runtime application self-protection (RASP), puts forward a protection strategy scheme that creatively combines static taint analysis and RASP, and discusses the application of the scheme in the process of DevSecOps. Finally, the feasibility of the scheme is summarized through an example. Through the combination of program analysis technology and preset protection strategy, it provides a reference for the implementation of runtime application security protection.