[ninegunpi]

Isn't RASP just slapping the WAF-like signature detection into your application data streams directly? How would RASP prevent:

1. Insiders having access to database front?

2. Same SQL bypass techniques as employed to bypass WAFs?

3. Mitigate developer errors in query logic which enable custom injections?