Web application firewalls are an important way of catching certain security vulnerabilities, including obvious SQL injections, but the WAFs are certainly not a cure-all. Hugh Thompson, founder and chief security strategist at People Security, reviews why WAFs alone are not strong enough to tackle all of today's Web application threats, particularly attacks to business logic.
In this video, learn about the other important pieces that must be used in conjunction with the Web application firewall technology.
For more information:
- SMBs are buying Web application firewalls (WAF) for PCI DSS compliance, but they are of little use if they are just installed and then forgotten.