The WAF dynamically learns the 'normal' behavior of your application and associates it with the threat intelligence network. It identifies malicious treats to innocent-looking web site traffic and also allows to prevent technical attacks such as SQL Injection, Cross-Site Scripting (XSS), and Remote File Attachment which use security vulnerabilities in Web applications.
WAF is able to do 'virtual patch' for web applications through security vulnerabilities browser integration. After a security gap is discovered in the code used on the web page, the code change can take longer than planned. In the meantime, it is easy to protect the web applications against attacks with the virtual patch instead of leaving them open for the attacks.