From the course: Microservices Security Workshop: From Build to Production

Web application firewalls (WAF)

- [Instructor] Now that we have fully built and deployed our microservice application in a secure way, it's time to shift focus towards monitoring and protecting that application at runtime. This is the part that I think is the coolest and I am the most psyched to talk about. The first and most fundamental protection to look at is the Web Application Firewall, or the WAF. A WAF sits in front of your application and acts as a basic filter for incoming traffic. It's designed to catch known attack patterns, malformed requests, and common payloads that might be trying to exploit low-hanging vulnerabilities. It works by inspecting HTTP requests before they're passed on to your backend services. If something looks suspicious, it blocks the request and logs the attempt. I usually think of this capability as the baseline for runtime application security. It won't prevent every attack, but it can catch a surprising number of generic threats before they cause damage. These include attacks like…
