Engineers working on the web are usually well-versed in firewalls. It’s a good practice to limit the potential sources of incoming web traffic; not many engineers focus on limiting approved destinations for outgoing traffic. Locking down a list of approved egress destinations is a strong security stance which limits the potential impact of a breach.