I’ve been told to get a WAF sorted from the scans results of threatview, whats the difference between threatview and WAF? should I have both?

Hello Shirley, A Web Application Firewall (WAF) protects web applications by filtering, monitoring and blocking malicious HTTP traffic between a web application and the internet. It can protect web applications from many different attacks such as SQL injection, DDoS, cross-site scripting, cross-site forgery, file inclusion and cookie manipulation. Threatview uses passive assessment techniques to assess for malware and vulnerabilities, we currently don’t offer WAF services, although it is something we will be looking at offering in the future. We would recommend using both a WAF and threatview, in case anything bypasses the WAF, threatview will be able to identify it.