What Security and Development Teams Need to Know About the New NIST 800-53 IAST and RASP Standards

The latest draft update of new requirements from the National Institute of Standards and Technology (NIST) confronts the failures of traditional application security tools that use static and dynamic testing approaches. The new NIST standards include guidance on the adoption of instrumentation in the form of interactive application security testing (IAST) and runtime application self-protection (RASP) tools. These standards are critical for reducing alert noise, minimizing interruptions to the development cycle, and prioritizing vulnerabilities that pose the greatest risk. In this Inside AppSec podcast, Contrast’s CTO and Co-founder Jeff Williams delves into the details of these two new standards and their implications for security and development teams.