Cloudflare, from the company of the same name in San Francisco, provides DDoS and bot mitigation security for business domains, as well as a content delivery network (CDN) and web application firewall (WAF).
F5's Advanced WAF is built on F5 technology and goes beyond
reactive security such as static signatures and reputation to
proactively detect and mitigate bots, secure credentials and sensitive
data, and defend against application denial-of-service (DoS). Advanced
WAF redefines application security to address the most prevalent threats
F5 Advanced WAF Features
Supported: In-Browser Data Encryption - Encrypts data at the app layer to protect against data-extracting malware and man-in-the-middle (MITM) attacks.
Supported: Behavioral DoS - Behavioral analytics and machine learning provide L7 DoS detection and mitigation.
Supported: API Protocol Security - Deploys security tools to secure REST/JSON, XML, and GWT APIs. Ingest OpenAPI files to automate configuration of API security.
Supported: OWASP Top 10 Defense - Complies with OWASP top 10 vulnerability mitigations.
Supported: Stolen Credential Protection - Protects against brute-force attacks that use stolen credentials.
Supported: Declaritive API-based deployment and configuration integrates into DevOps CI/CD pipelines.
F5 Advanced WAF Video
F5 DevCentral's John Wagnon provides an overview of F5 Advanced Web Application Firewall (Advanced WAF) that extends security beyond the basic protections traditional WAF's offer.
I use to propose F5 WAF to protect applications and APIs, because nowadays there are many applications which have open source code or third code that make then more vulnerable and for the fact that there are many types of attacks like SQLi, XXS, DDoS, bad bots attacks, client side attack and many more.
We've been using F5's WAF for many years in our organization. We utilize it for all external facing applications, our ecommerce platform as well as some internal applications. Through some fine tweaking we've made our environment highly scalable, resilient and secure. By far one of the best investments the enterprise has made and we plan on keeping these devices running for many years to come.
F5 WAF provides much more control and has a lot of features that can be used to protect your applications. You can have granular configuration settings per application and disable attack signatures on very specific scenarios whenever is needed. Also, the logs are very detailed and helpful to analyze the requests.