0. Overview

pyrasp is a Runtime Application Self Protection (RASP) package for Python-based web servers and cloud functions. It protects against the main attacks web applications are exposed to, from within the application itself. It can also provide basic telemetry such as CPU and memory usage and request counts, and it enables Zero-Trust access for critical applications.

It can operate from a local configuration file or fetch its configuration from a remote/cloud server. Logs and telemetry (optional) can be sent to remote servers as well, and threat information can be shared across agents.

One distinctive feature of pyrasp is that it does not rely on signatures. Instead it leverages decoys, thresholds, system and application internals, machine learning and grammatical analysis.

Security Modules

The security modules, the technology each relies on, and the function each performs are listed in the table below.

| Module                   | Technology                              | Function                                                            |
|--------------------------|-----------------------------------------|---------------------------------------------------------------------|
| Flood & Brute Force      | Threshold                               | Identifies and blocks repetitive connections or attempts from the same source |
| Forbidden Headers        | List Validation                         | Denies requests with specified headers                              |
| Requests Validation      | Application Internals                   | Denies requests with invalid paths or methods                       |
| Spoofing                 | Header Validation                       | Denies requests with a mismatching Host header                      |
| Decoy                    | Path                                    | Identifies requests to known scanned paths                          |
| SQL Injection            | Grammatical Analysis + Machine Learning | Detects and blocks SQL injection attempts                           |
| XSS                      | Machine Learning                        | Detects and blocks XSS attempts                                     |
| Command Injection        | System Internals                        | Prevents command injection attempts                                 |
| HTTP Parameter Pollution | Grouping                                | Prevents HPP attack attempts                                        |
| Data Leak Prevention     | Regexp                                  | Blocks outgoing sensitive data                                      |
| Zero-Trust               | Agent-Based                             | Authorizes connections from valid agents and up-to-date browsers    |
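To make three of the table's mechanisms concrete, here is an added Python sketch (not pyrasp's own code, and not an illustration of its API) of how a threshold-based flood detector, a Host header check and a regexp-based data leak scan can be implemented around a request/response pair. The window size, request limit, allowed host list and DLP patterns are constructed assumptions for the example.

```python
"""Constructed RASP-style checks (example code, not pyrasp's implementation).

Implements three of the mechanisms named in the module table:
  - Flood & Brute Force: sliding-window request threshold per source
  - Spoofing: Host header validated against an allow-list
  - Data Leak Prevention: regexp scan of the outgoing response body
"""
import re
from collections import defaultdict, deque


class ThresholdGuard:
    """Counts requests per source inside a sliding time window.

    Assumption: more than `max_requests` hits within `window_seconds` from
    the same source is treated as a flood / brute-force pattern.
    """

    def __init__(self, max_requests=5, window_seconds=10.0):
        self.max_requests = max_requests
        self.window = window_seconds
        self._hits = defaultdict(deque)  # source -> timestamps of recent hits

    def allow(self, source, now):
        q = self._hits[source]
        # Evict timestamps that have fallen out of the window.
        while q and now - q[0] > self.window:
            q.popleft()
        q.append(now)
        return len(q) <= self.max_requests


def host_header_ok(headers, allowed_hosts):
    """Spoofing analogue: the Host header (without port) must be allow-listed.

    Handles both 'name:port' and IPv6 literal '[addr]:port' forms.
    """
    raw = headers.get("Host", "").strip().lower()
    if raw.startswith("["):
        end = raw.find("]")
        host = raw[1:end] if end != -1 else ""
    else:
        host = raw.split(":", 1)[0]
    return bool(host) and host in allowed_hosts


# Constructed DLP patterns: a card-like 16-digit number and a PEM private key.
CARD_CANDIDATE = re.compile(r"\b(?:\d{4}[ -]?){3}\d{4}\b")
PRIVATE_KEY = re.compile(r"-----BEGIN (?:RSA |EC )?PRIVATE KEY-----")


def luhn_ok(digits):
    """Luhn checksum, used to cut false positives on arbitrary 16-digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def response_leaks(body):
    """Return the names of DLP patterns matched in an outgoing body."""
    found = []
    for m in CARD_CANDIDATE.finditer(body):
        if luhn_ok(re.sub(r"[ -]", "", m.group())):
            found.append("card_number")
            break
    if PRIVATE_KEY.search(body):
        found.append("private_key")
    return found


class MiniRasp:
    """Ties the three checks together around a request/response pair."""

    def __init__(self, allowed_hosts, max_requests=5, window_seconds=10.0):
        self.allowed_hosts = {h.lower() for h in allowed_hosts}
        self.threshold = ThresholdGuard(max_requests, window_seconds)

    def check_request(self, source, headers, now):
        """Return (allowed, reason); reason is None when the request passes."""
        if not self.threshold.allow(source, now):
            return False, "flood"
        if not host_header_ok(headers, self.allowed_hosts):
            return False, "host_spoofing"
        return True, None

    def check_response(self, body):
        """Return (allowed, matched_patterns) for an outgoing body."""
        leaks = response_leaks(body)
        return not leaks, leaks


if __name__ == "__main__":
    rasp = MiniRasp({"app.example.test"}, max_requests=3)
    for t in range(5):  # constructed burst from one source
        print(t, rasp.check_request("10.0.0.1", {"Host": "app.example.test"}, float(t)))
    print(rasp.check_response("card 4111 1111 1111 1111 on file"))
```

The flood check runs first because it is the cheapest and also counts requests that later fail the Host check, so a scanner hammering the server with bad Host headers is still throttled. The Luhn filter on the card pattern is the kind of refinement a practitioner adds to a DLP regexp to keep order numbers and timestamps from triggering blocks.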

Supported Frameworks

pyrasp currently supports:

  • Flask

  • FastAPI

  • Django

  • AWS Lambda functions

  • Google Cloud functions

  • Azure Functions
