How is it that Chase Banks website doesn't have a WAF?

:thinking: I mean, this website has one, even, according to the link below. Its a Web Application Firewall that allows you to do a basic scan of a website, and it tells you if it has a WAF or not among other things. Hackerspolit did a review of this WAF before, so I’m wondering how reliable this really is. If its true that Chase Bank doesn’t have a WAF set up, then someone in senior IT management needs to be fired. :unamused: