In today's complex cybersecurity landscape, it is increasingly challenging to protect against ever more prevalent and sophisticated attacks. Securing modern applications requires implementing multiple layers of protection, not just at the network edge but throughout every component of the system. This talk will explore how Zero Trust principles are playing a critical role in the design of secure modern systems in the cloud era and how they are driving the evolution of Web Application Firewall (WAF) technology. We'll also introduce Coraza, a cutting-edge WAF library that leverages OWASP CoreRuleSet, and demonstrate how it, combined with a Zero Trust Architecture, is safeguarding web applications from a wide range of cyber attacks.