It’s no secret that it’s easier to hack than to protect. For example, for attackers, it’s as simple as finding a single point of entry, whereas defenders need to patch all of the holes. Defenders usually work under tight schedules and budgets, while attackers have no such limits. The way for defenders to break this asymmetry is by using the information they have and their knowledge of their systems to their advantage, and to design and implement a security solution accordingly. This is especially true when it comes to WAF configuration and virtual patching.