|
|
|
|
|
|
by kabigon
954 days ago
|
|
|
I get it and the points made here are valid but, the reality is that the teams deploying the WAF + infra and the team writing the insecure/secure code are different teams with different roadmaps. We have to deploy a WAF because the developers are not writing this magical unicorn code that follows all security best practices and gets refactored once a week. There are vulnerabilities, issues etc. that need to be addressed just like any app. SO yes, WAF is necessary. |
|
|