Regardless of how strict and well these solutions (WAF) are designed, there are always some ways to by-pass them. Systems designed with perfect rules and updated signatures are not perfect enough against unknown/unpredictable attacks since they all utilize rules and signatures (static) against attacks.
The most effective and primal security for securing Web Applications is WAF (Web Application Firewalls). WAFs inspect traffic by rules and signatures by allowing or blocking traffic either matching or unmatching rules and matching signatures.
ALISA can inspect all the traffic coming to application, reporting suspicious traffic and packets, optionally integrate with WAFs to create rules and signatures to remediate the vulnerability and block the attack fast.