WEB-03
Web Application Firewall (WAF)
Description
Mechanisms exist to deploy Web Application Firewalls (WAFs) to provide defense-in-depth protection for application-specific threats.
Control Question
Does the organization deploy Web Application Firewalls (WAFs) to provide defense-in-depth protection for application-specific threats?
Control Metadata
Domain:
Web Security
Validation Cadence:
Annual