Building a Business Case to Get Beyond the Application Perimeter Defense (WAF) Status Quo (Part 1)

Inside AppSec - A podcast by Contrast Security

Categories:

There is widespread concurrence that the web application firewall (WAF) is insufficient when it comes to protecting web applications. In this podcast interview, the first in a two-part series on application runtime security, Contrast Security’s Head of Product Marketing for Contrast Protect Derek Rogerson discusses how a WAF runs on the perimeter and lacks the context needed to identify which attacks pose a risk and which ones do not. This results in piles of false positives that consume valuable time to remediate. Plus, because WAFs employ signatures to identify potential threats, they fail to pinpoint unknown threats and zero-day attacks. Finally, WAFs require regular recalibration to accommodate threat changes, which often is a heavy lift for most security teams.