Hi Jack.
It would be great to control the traffic to SaaS service as it may lack either some significant security and business or both controls.
I don't have much info for your setup or needs so passing a solution documented for using third party CDN at
https://help.salesforce.com/articleView?id=domain_mgmt_domain_config_options.htm&type=5 from Salesforce community site as reference.
Please reach out to your AE team for more detailed discussion for this setup
Some SaaS control guidelines can be reviewed from
https://attack.mitre.org/matrices/enterprise/cloud/saas/ ------------------------------
Abhishek Gupta
Customer Success team
Imperva
------------------------------
Original Message:
Sent: 07-24-2020 00:59
From: Jack Jack
Subject: Securing SAAS behind WAF
With the objective to gain additional threat visibility, detection & prevention. Is it even a recommended practice to be securing SAAS applications like Salesforce CRM portal for example, behind Imperva WAF?
#CloudWAF(formerlyIncapsula)
------------------------------
Jack Jack
------------------------------