Web applications (web apps) are rapidly growing in both importance and complexity. As e-commerce becomes more popular, the availability and security of an organization’s web presence have a dramatic impact on its profitability.
While developers commonly perform security scanning against the code that they write in-house, this is only a fraction of the code contained within a web application. Heavy use of third-party code, including open-source libraries, adds new functionality but also introduces additional vulnerabilities.
For most organizations, who have limited visibility into the external code that their applications depend upon, a web application firewall ( WAF ) is the best choice for protecting their web applications against exploitation.
When creating a new application, few, if any, developers write every line of code from scratch. The sheer complexity of any program requires the use of existing code to implement crucial functionality.