Browser APIs and WAFs: Collaborative Client-Side Attack Mitigation

This podcast from Tech Unplugged, dated March 2025, explores the collaboration between browser APIs and Web Application Firewalls (WAFs) in order to better protect against client-side attacks. It defines WAFs and common client-side threats like XSS, CSRF, and clickjacking. The report then outlines various browser APIs relevant to security and details WAF features designed for client-side defense. Finally, it discusses the integration of these technologies and offers best practices and identifies limitations of relying on browser APIs for security in WAF implementations, concluding with real-world examples and a summary of their combined role in web security.