Web application firewalls (WAFs) are designed primarily to protect applications from common attacks like:
WAFs detect how the application interacts with the environment, so they are optimal for detecting and refuting things like SQL injection and XSS. Password cracking, syn floods, and ransomware usually aren't taking place in the same way as injection and XSS, and they are better addressed with controls at the router and through the use of HIDS, NIDS, and antimalware tools.
Currently there are no comments in this discussion, be the first to comment!