In the era of Web applications, it’s important not to forget about protecting them. Developers are not always able to quickly eliminate vulnerabilities, as sometimes several teams need to interact to fix them.
Since you cannot stop the application for an indefinite time, and the risks must be minimized, WebApplicationFirewall comes to the rescue as quickly as possible.
WAF protects against such things as: SQL injections, unauthorized access to administrative resources from outside, CrossSiteRequestForgery, Cross-SiteScripting and others from the OWASP list.