This is a cyber security tool that is installed on the application itself that enables the app to detect attacks by leveraging its in-depth knowledge of the application's code, frameworks, structure, and internal data. RASP's can apply protection at runtime that is customized by application, but its scope is limited to the application it is installed on. RASP is usually used in tandem with a WAF that provides the outer layer of defense.