As web applications mature and become more popular, organizations need to focus more on maintaining a positive security footprint around them. Traditionally, web application security was handled using a combination of the corporate firewall, authentication to an LDAP directory, and a hardened web server in the DMZ network. In a modern infrastructure, where attacks are more sophisticated and cloud-based resources are commonplace, these security measures are often still in place, but can be further enhanced by a web application firewall (WAF).
