Application Firewall - Why do you need a web application firewall?
Many web-based applications are vulnerable to a range of attacks that cannot be protected against by traditional network firewalls. For example, cross site scripting, cookie tampering, forceful browsing and SQL injection attacks can be used to steal information and disrupt user's transactions, but because these attacks are hidden deep within the HTTP or HTTPS transactions, they are very difficult to detect and prevent.
