HI, im new to network security and im trying to learn about WAF.

What's the difference between on-prem vs cloud waf? How and who is responsible for deployment? devops? Is it like istio?

What attacks does it prevent against compared to maybe SAST or DAST or IAST tool?

What attacks does waf can't protect against? Where does waf fall short?

How does it monitor network? Now i know its monitors packets based on signatures or patterns and a user can define those rules? But what does it use to create those rules? Regex? Data events? or something else?

Can you do container security with it? How? or why not?

sorry if this is too basic, i'm going through a lot tutorials but it seems nobody can explain in simple way. Most tutorials, documents, blogs have a feel that you already know what a waf is.

Any resources would be helpful. Thanks!