DescriptionWAF is an application firewall for HTTP applications, deployed by organizations with a web presence. It applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. While proxies generally protect clients, WAFs protect servers.
CyberDome’s Philosophy: An organization’s WAF should be integrated with vulnerability scanning, in a process where the WAF automatically creates a set of policies to mitigate any discovered vulnerabilities. They can be fully integrated into software management life cycles and other operations an organization may have.