all InfoSec news
Why WAF Rate Limiting isn’t Enough | Impart Security
Security Boulevard securityboulevard.com
Some WAFs in the market offer rate limiting features designed to stop automated API attacks. They do this by implementing a centralized control plane with shared state and counters in the cloud to enable over time detections. However, these solutions still struggle with the unique challenges posed by API attacks, leaving customers frustrated enough to post about in on reddit:
Customers complaining about WAF rate limiting
The problem with many WAFs is that they are not architected to handle high …
api api attacks attacks automated challenges cloud control detections enable features isn market offer plane rate rate limiting security shared solutions state waf