Kubernetes is the de facto operating system of the cloud. This presents a more significant threat target, but most companies running their workloads on Kubernetes don't take a security-first approach. Threats, including zero-day attacks and the OWASP-Top-10, are on the rise. In this talk, we'll discuss how Web Application Firewalls (WAF) work and walk through some options in Kubernetes Ingress, NGINX, and API Gateways that can improve security. Also, how to use machine learning to prevent attacks and provide preemptive web app & API threat protection.