Jun 15, 2026
Our WAF was configured perfectly. OWASP top ten covered. Custom rules for our API endpoints. Bot detection enabled. Then a bot spent three days scraping our entire product catalog and we didn’t …
Jun 8, 2026
My WAF Ignored a DDoS Attack — Here’s Why
We had an attack. Not a tiny nuisance, but a proper denial-of-service. The kind that makes your servers sweat and your support team prepare for angry …
May 11, 2026
If you’ve been in web security for more than a year, you’ve heard of WAFs — Web Application Firewalls. But in 2026, WAF alone isn’t enough. Enter WAAP: Web Application and API …
Jan 5, 2026
January is the traditional kickoff for CVE season, and 2026 is shaping up to be the most active year yet for web application vulnerabilities. As security teams return from the holidays, the first …
Jul 6, 2024
Understanding the Modern Threat Landscape: WAF, API Security, Bot Mitigation, and DDoS In today’s interconnected digital world, organizations face a relentless barrage of sophisticated cyber …