Mechanisms exist to deploy Web Application Firewalls (WAFs) to provide defense-in-depth protection for application-specific threats.

Does the organization deploy Web Application Firewalls (WAFs) to provide defense-in-depth protection for application-specific threats?