Imperva Cyber Community

Expand all | Collapse all

Securing SAAS behind WAF

  • 1.  Securing SAAS behind WAF

    Posted 13 days ago
    With the objective to gain additional threat visibility, detection & prevention. Is it even a recommended practice to be securing SAAS applications like Salesforce CRM portal for example, behind Imperva WAF?
    #CloudWAF(formerlyIncapsula)

    ------------------------------
    Jack Jack
    ------------------------------


  • 2.  RE: Securing SAAS behind WAF

    Imperva Employee
    Posted 10 days ago
    Hi Jack.

    It would be great to control the traffic to SaaS service as it may lack either some significant security and business or both controls.
    I don't have much info for your setup or needs so passing a solution documented for using third party CDN at https://help.salesforce.com/articleView?id=domain_mgmt_domain_config_options.htm&type=5  from Salesforce community site as reference.

    Please reach out to your AE team for more detailed discussion for this setup  
    Some SaaS control guidelines can be reviewed from https://attack.mitre.org/matrices/enterprise/cloud/saas/ 
    ------------------------------
    Abhishek Gupta
    Customer Success team
    Imperva
    ------------------------------