0. Overview

PyRASP is a Runtime Application Self-Protection (RASP) package for Python-based web servers and cloud functions. It protects against the main attacks web applications are exposed to, from within the application. It also enables Zero-Trust access for critical applications, ensuring that only sanctioned browsers with proper authentication can connect. Additionally, PyRASP provides basic telemetry such as CPU and memory usage and request counts.

PyRASP also protects MCP server tools from malicious input injection, and prevents data leaks (PII and credentials) that would result from unexpected processing.

It can operate using a local configuration file or retrieve its configuration from a remote/cloud server. Logs and telemetry (optional) can be sent to remote servers as well, and threat information can be shared across agents.

A distinguishing feature of PyRASP is that it does not use signatures. Instead, it relies on decoys, thresholds, system and application internals, machine learning, and grammatical analysis.

Security Modules

The table below lists each security module, the technology it relies on, and its function.

| Module | Technology | Function |
|---|---|---|
| Flood & Brute Force | Threshold | Identifies and blocks repetitive connections or attempts from the same source |
| Forbidden Headers | List Validation | Denies requests with specified headers |
| Requests Validation | Application Internals | Denies requests with invalid paths or methods |
| Spoofing | Header Validation | Denies requests with a mismatching Host header |
| Decoy | Path | Identifies requests to known scanned paths |
| SQL Injection | Grammatical Analysis + Machine Learning | Detects and blocks SQL injection attempts |
| XSS | Machine Learning | Detects XSS attempts |
| Command Injection | System Internals | Prevents command injection attempts |
| HTTP Parameter Pollution | Grouping | Prevents HPP attack attempts |
| Data Leak Prevention | Regexp | Blocks outgoing sensitive data |
| Zero-Trust | Agent-Based | Authorizes connections from valid agents and updated browsers |

Supported Frameworks

PyRASP currently supports:

  • Flask

  • FastAPI

  • Django

  • Google Cloud Functions

  • Azure Functions

  • AWS Lambda functions (Discontinued since version 0.8.3)

  • FastMCP


Last updated 18 days ago