Any of web applications are prune to vulnerabilities even if there is SSL session initiated end to end.
There are multiple of WAF exists in the market to mitigate such security riks.
The BIG-IP Application Security Manager course gives participants a functional understanding of how to deploy, tune, and operate BIG-IP Application Security Manager (ASM) to protect their web applications from HTTP-based attacks.