re: Web Developer Security Checklist V2 VIEW POST

re: I wouldn't lump WAFs in with standard firewalls. Perimeter firewalls are your first line of defense against intrusion, and segment your network ba...

I'm trying to craft a point to address this simply.

  • [ ] Segment your network and protect sensitive services. Use firewalls, virtual private networks and cloud Security Groups to restrict and control inbound and outbound traffic to/from appropriate destinations.

Looks good to me! I saw you mentioned CloudFlare as a DDoS mitigator, they also provide a WAF service, which would be good in the HTTP traffic section.

code of conduct - report abuse