Skip to content
Home RASP Tools Hdiv Protection
Hdiv Protection

Hdiv Protection

ACQUIRED
Category: RASP
License: Commercial
Visit Website →
Suphi Cankurt
Suphi Cankurt
AppSec Enthusiast
Updated February 10, 2026
1 min read
Key Takeaways
  • Acquired by Datadog in May 2022 — technology integrated into Datadog Application Security Management (ASM).
  • Used web flow integrity validation to prevent parameter tampering, XSS, SQL injection, and CSRF in Java and .NET apps.
  • Validated that client submissions matched server-side expectations by tracking server-generated data through request cycles.
  • Recommended alternatives include Contrast Protect, Dynatrace Application Security, and Imperva RASP.

Hdiv Protection was the RASP component of the Hdiv application security suite.

Datadog acquired Hdiv Security in May 2022, integrating its runtime protection technology into Datadog Application Security Management (ASM). The standalone Hdiv product is no longer maintained.

What was Hdiv Protection?

Hdiv (HTTP Data Integrity Validator) started as a web security framework and evolved into a full RASP solution.

It was known for its unique approach to web application security through data flow integrity validation.

Historical Features

Web Flow Integrity

Hdiv tracked the integrity of web application flows:

  • Validated that parameters matched server-side expectations
  • Detected client-side manipulation of hidden fields
  • Prevented parameter tampering attacks

Data Validation

The platform validated:

  • Form field integrity
  • URL parameter validity
  • Cookie tampering attempts
  • Session manipulation

Attack Protection

Hdiv protected against:

  • Cross-Site Scripting (XSS)
  • SQL Injection
  • Cross-Site Request Forgery (CSRF)
  • Parameter manipulation
  • URL tampering

How It Worked

Hdiv used a unique approach compared to traditional RASP:

Server → Generate page with Hdiv tokens → Client
Client → Submit with tokens → Hdiv validates integrity → Application

By tracking what data the server sent, Hdiv could detect when clients modified that data maliciously.

Current Status

Datadog acquired Hdiv Security in May 2022 and integrated its runtime protection capabilities into Datadog ASM. The standalone product is no longer maintained or supported.

Organizations using Hdiv should consider these alternatives:

AlternativeTypeNotes
Contrast ProtectRASPMulti-language RASP
Dynatrace AppSecRASPPart of observability platform
Imperva RASPRASPEnterprise-grade protection
OpenRASPRASPOpen-source option

Migration Considerations

When migrating from Hdiv:

  1. Inventory protected applications - Document all applications using Hdiv
  2. Evaluate alternatives - Test new solutions in staging environments
  3. Plan deployment - Schedule migration windows
  4. Validate protection - Ensure new solution covers all attack vectors
  5. Remove Hdiv - Clean up Hdiv dependencies from applications

Technical Notes

Hdiv was available for:

  • Java (Spring, Struts, JSF)
  • .NET
  • Grails

Applications using Hdiv typically required code changes or framework integration to implement protection.

Note: Acquired by Datadog in May 2022. Technology integrated into Datadog ASM.

Frequently Asked Questions

What is Hdiv Protection?
Hdiv Protection was the RASP component of the Hdiv application security suite, known for its web flow integrity validation approach to prevent parameter tampering.
Is Hdiv Protection still maintained?
No. Hdiv Security is no longer actively maintained. Organizations should migrate to alternatives like Contrast Protect, Dynatrace, or Imperva RASP.
How did Hdiv Protection protect applications at runtime?
Hdiv tracked server-generated data and validated that client submissions matched server-side expectations, detecting parameter tampering, XSS, SQL injection, and CSRF attacks.
What platforms did Hdiv Protection support?
Hdiv was available for Java (Spring, Struts, JSF), .NET, and Grails applications, typically requiring framework integration to implement protection.
How we review tools Suggest an edit

Other RASP Tools

Imperva RASP
Imperva RASP

Combines with Imperva WAF

Contrast Protect
Contrast Protect

Application Detection and Response (ADR) Beyond RASP

Datadog Application Security
Datadog Application Security

APM-Integrated Runtime Protection

Dynatrace
Dynatrace

Full-Stack Observability with Built-in Security

Waratek
Waratek

Java Runtime Protection & Virtual Patching

MO
ModSecurity

Open-Source WAF Engine

See all RASP tools

Complement with DAST

Pair runtime protection with dynamic testing for broader coverage.

Burp Suite
Burp Suite

Web Application Pentesting Toolkit

Tenable Web App Scanning
Tenable Web App Scanning

Nessus-Powered Cloud DAST with Attack Surface Management

See all DAST tools

Learn More

What is SAST? What is DAST? What is IAST? What is RASP? SAST vs DAST vs IAST SAST vs SCA

Explore our Application Security Testing resource hub