Skip to main content
TrustRadius
AWS WAF

AWS WAF

Overview

What is AWS WAF?

Amazon Web Services offers AWS WAF (web application firewall) to protect web applications from malicious behavior that might impede the applications functioning and performance, with customizable rules to prevent known harmful behaviors and an API for creating and deploying web…

Read more
Recent Reviews
Read all reviews
Return to navigation

Pricing

View all pricing

Resource Type - Request

$0.60

Cloud
per 1 million requests

Resource Type - Rule

$1.00

Cloud
per month (prorated hourly)

Resource Type - Web ACL

$5.00

Cloud
per month (prorated hourly)

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services
Return to navigation

Product Details

What is AWS WAF?

AWS WAF Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(28)

Attribute Ratings

Reviews

(1-1 of 1)
Companies can't remove reviews or game the system. Here's why
November 26, 2020

Best Security Tool for Your Web Applications

Saim Jamali | TrustRadius Reviewer
Saim Jamali
Head of Software & Services
SamiPharma (Health, Wellness and Fitness, 10,001+ employees)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
AWS WAF is basically implemented to secure the web applications. I have a positive experience using the AWS Web Application Firewall (WAF). It has many features to protect our applications and solutions. The good thing about AWS WAF is it has the most friendly APIs for developers to create firewall rules for the web application. That makes our applications secure.
Pros and Cons
  • AWS WAF has the most developer-friendly API to create firewall rules.
  • AWS WAF provides OWASP security controls, which reduces developers' burden (i.e., SQL injection and cross-site scripting).
  • AWS WAF has customizable web security rules. The user can even push the rules through the API available, which is the great feature and helped me a lot.
  • It protects applications at layer 7 (HTTP) of the OSI model and not just layer 4 (TCP).
  • Need to enhance OWASP standards.
  • We are limited to five rate-based rules per AWS account.
Likelihood to Recommend
AWS WAF is perhaps one of the best web application firewalls out there to date. Thankfully we have had no issues and we have been commended for using reputable vendors like AWS for security and privacy matters as part of our GDPR and ISO certifications. I would suggest that prospective customers use the CloudFormation templates provided by Amazon for creating the WAF.
Return on Investment
  • It is a little expensive but helpful in many ways to secure applications.
  • Instant ability to update and change the WAF--easy to update and deploy changes and then review. Brilliant integration with other AWS services.
  • It is easy to deploy.
Alternatives Considered
There are a number of reasons to select AWS WAF. Most importantly, it easy to deploy. It helps programmers to protect against a wide range of vulnerabilities like injection attacks, DDoS, and many others from OWASP top 10. It allows us to set up rules and blocks any threats based on the configured rules. Based on the pattern of attacks, it is always easy to add another rule.
Usability
9
The product is highly scalable. It is easy to configure the rules and thereby helps us to mitigate many vulnerabilities.
The interface and programming of the firewall provisions were easy to setup. Amazon clearly spent a lot of time figuring this out and perfecting it. It allows users to do customized configurations based on their needs. It provides protection against a number of security issues like XSS, SQL injection, etc. I would definitely recommend this for protecting your infra as you scale, since this basically protects and filters all requests hitting your application server.
Support Rating
9
Very comprehensive support is available. The user community also available to help with AWS WAF. The vendor that helped us purchase this service was very cooperative and helped us at every point, especially at the time of deployment. Since then, we take lot of help from its different communities. The user support is an other key reason to select AWS WAF.
Return to navigation