Web application firewalls (WAFs) are one of many web application security solutions at your disposal. Unfortunately, some MSSPs treat them as a direct replacement for other classes of tools, for example, web vulnerability scanners. The two classes are as different as they get and the only way to get the most out of them is to use them both at the same time, not replace one with the other.
Guest bog courtesy of Invicti, an international web app security company headquartered in Austin, Texas. See more Invicti guest blogs here. Regularly contributed guest blogs are part of MSSP Alert’s sponsorship program.