Ctrip Technology

Oct 15, 2020 · Information Security

Deploying OpenRASP IAST at Ctrip: Architecture, Challenges, and Data‑Pollution Prevention via Bytecode Instrumentation

This article describes Ctrip's practical deployment of OpenRASP‑based IAST, outlines the challenges of data pollution caused by traffic replay, and presents a Java bytecode instrumentation solution that intercepts SocketOutputStream writes to prevent dirty data from persisting in databases, caches, and message queues.