EVERYTHING I LEARNED & WANTED TO FORGET ABOUT WAFS
Application security is nothing like it was 25 years ago. Today, almost all enterprise applications have some web-facing component, whether in the form of a pure web-app, cloud application, API, or microservice. Furthermore, attackers have become more efficient, persistent and sophisticated, while all along, web application security has failed to keep up. Web Application Firewalls (WAFs) have long been at the center of web application security strategy but have also created large gaps with their difficult-to-manage whitelist and signature approaches.