Satisfaction With WAFs at Only 40 Percent>
Security Boulevard – Timothy Chiu
A Ponemon study released in 2019 showed that satisfaction with WAFs (Web Application Firewalls) is at 40 percent, and effectiveness of WAFs rated at only 43 percent. Those figures may seem low, but they reflect the growing disillusionment with WAF security that was recently discussed in a Dark Reading article.

As a further confirmation of the lack of trust in WAF security the same Ponemon study showed that only 22 percent WAFs deployed are used to both detect and block threats. The study was based on a survey of 595 IT and IT security professionals, who are responsible for the WAFs in their organization.

Finally, and perhaps most reflective of the sentiment against WAFs, the study found that 65 percent of respondents said that attacks on their organization had bypassed their WAFs, either sometimes (42 percent) or frequently (23 percent).

Maybe itâs time to take a hint from the recent finalization of the National Institute of Standards and Technology (NIST)âs SP800-53 that was just released on September 23, 2020. The new security and privacy framework standard now requires Runtime Application Self-Protection (RASP) as an added layer of security in the framework.
Link: https://securityboulevard.com/2021/01/satisfaction-with-wafs-at-only-40-percent/