Security has been a concern since the dawn of the internet, and today's threats are more prevalent and sophisticated than ever. Success in security today means more mechanisms to protect not just the edge of your network, but every component from attacks. In this talk we go through the Zero-Trust principles and how they play a fundamental role in the design of secure modern systems. Then, we’ll review how the Web Application Firewall concept has evolved to the point no user, device, or network traffic is trusted by default. We’ll also then meet Coraza, a modern WAF library that embraces OWASP CoreRuleSet, and how together they protect web applications from a wide range of attacks.