Web Application FirewallsNGINX1https://media.trustradius.com/product-logos/BU/mh/32GN4B930X4U-180x180.PNGCloudFlare2https://media.trustradius.com/vendor-logos/hX/QA/OZAMPT25VJ8G-180x180.PNGF5 BIG-IP3https://media.trustradius.com/product-logos/U4/Ku/WHB53XESVVQ0.pngOracle Dyn Web Application Security Platform4https://media.trustradius.com/vendor-logos/VC/02/T4E108T4IWP2-180x180.PNGAWS WAF5https://media.trustradius.com/vendor-logos/LY/YM/1TDXH4LPI5BH-180x180.JPEGBarracuda Web Application Firewall6https://media.trustradius.com/vendor-logos/cV/TT/VZW5UWK3DW36-180x180.JPEGAlert Logic Web Security Manager7https://media.trustradius.com/vendor-logos/6s/Kj/LNDO4FAX2DHG-180x180.JPEGImperva Web Application Firewall (WAF)8https://media.trustradius.com/vendor-logos/Ju/3f/ZODO0FS3XXK4-180x180.JPEGComodo cWatch9https://media.trustradius.com/vendor-logos/QG/sV/G1522B0P2EWE-180x180.JPEGStackPath (formerly Highwinds) CDN10https://media.trustradius.com/vendor-logos/Zf/Ro/C833JTPNV0V0-180x180.JPEGCloudbric11https://media.trustradius.com/vendor-logos/7Z/6f/ZQ1E0V2N5C5A-180x180.JPEGFortiWeb12https://media.trustradius.com/vendor-logos/MZ/NA/I0WLZ36A46RB-180x180.JPEGF5 Advanced Web Application Firewall13https://media.trustradius.com/vendor-logos/oO/bi/C802NVLZVC9G.pngPT Application Firewall14https://media.trustradius.com/vendor-logos/Yw/Np/67WNFAT6EKTO-180x180.JPEGRadware AppWall15https://media.trustradius.com/vendor-logos/cZ/2O/U47QJGVT4AV6-180x180.JPEGR&S Web Application Firewall16https://media.trustradius.com/vendor-logos/t1/03/GW9B3JVCDZK1-180x180.JPEGWAPPLES17https://media.trustradius.com/product-logos/4O/87/8117VCCVTFJN-180x180.JPEGCenturyLink Web Application Firewall (WAF)18https://media.trustradius.com/vendor-logos/OK/UO/KTW2ZSTJRMM2-180x180.JPEGQualys Web Application Firewall (WAF)19https://media.trustradius.com/vendor-logos/Kr/jJ/32G0095MQS8X-180x180.JPEGSonicWall Web Application Firewall20https://media.trustradius.com/vendor-logos/zc/Na/VOD2KUJ9G2Z3-180x180.JPEGSymantec Web Application Firewall (WAF) and Reverse Proxy21https://media.trustradius.com/vendor-logos/4q/QY/K9TTG2FGRKUZ-180x180.PNGBekchy22https://media.trustradius.com/product-logos/NU/oN/QRF7VEAVMK35-180x180.PNGSangfor NGAF23https://media.trustradius.com/vendor-logos/vy/hl/2GZ3GG424F04-180x180.PNGInstart Web Security24https://media.trustradius.com/product-logos/31/2R/O2VO7T7EDGU1-180x180.JPEGLimelight Cloud Security25https://media.trustradius.com/vendor-logos/rE/YS/SVTXSH4T74CM-180x180.JPEG

Web Application Firewalls

Web Application Firewall (WAF) Overview

What are Web Application Firewalls (WAFs)?

Web Application Firewalls (WAFs) hel protect externally-facing web applications. WAFs are part of a layered cybersecurity strategy. It falls to the WAF to prevent zero-day attacks on web apps and APIs that potentially reside in serverless architecture.

In 2006 the Payment Card Industry Data Security Standard (PCI DSS) mandated the protection of applications in production environments with web application firewalls or other devices that provide similar functionality.

Web Application Firewall (WAF) Features & Capabilities


WAFs protect web applications against threats such as:

  • Cross-site scripting

  • SQL injection

  • Session hijacking

  • Denial of service

  • Buffer overflows


WAFs generally present the following features:


  • Libraries of attack data based on known attacks to web applications

  • Monitoring, filtering and blocking of data and access to web applications

  • Automated attack detection, both identity-based (e.g. dynamic whitelisting, fingerprinting, risk scoring) and behavioral (e.g. risk scoring)

  • Advanced security techniques (e.g. deception/misdirection, virtual patch deployment, honeypot)

  • Zero-day attack prevention (related to the above)

  • A management interface with alert system

  • Reporting and analytics on threat and application usage

Pricing Information

The cost of web application firewalls depends on deployment. There are three options:

  1. A managed service or cloud-hosted WAF delivered as part of a subscription. This can be relatively low overhead as part of a larger subscription (e.g. part of a CDN). But it also may contain unneeded features.

  2. A network-based appliance. This presents relatively high overhead but reduces latency because it is installed locally and close to the application.

  3. A host-based WAF residing in the application’s code. This is rarer and may present less desirable computing costs and greater maintenance.

Web Application Firewalls Products

Listings (1-25 of 32)

NGINX

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
Top Rated
59 Ratings

According to NGINX, a business unit of F5 Networks since the May 2019 acquisition, NGINX powers over 65% of the world's busiest websites and web applications. NGINX started out as an open source web server and reverse proxy, built to be faster and more efficient than Apache. Over the years, NGINX...

CloudFlare

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
66 Ratings

CloudFlare, from the company of the same name in San Francisco, provides DDoS security to business domains, as well as a content delivery network (CDN) and web application firewall (WAF).

31 Ratings

F5 BIG-IP software from Seattle-based F5 Networks is a load balancing and application protection solution suite available on cloud or via virtual editions, on a subscription or perpetual licensing basis. The BIG-IP suite of products supports a wide range of security and application performance ne...

14 Ratings

Amazon Web Services offers AWS WAF (web application firewall) to protect web applications from malicious behavior that might impede the applications functioning and performance, with customizable rules to prevent known harmful behaviors and an API for creating and deploying web security rules.

1 Ratings

Comodo Cybersecurity headquartered in Clifton offers cWatch, a website malware and vulnerability scanner that provides content filtering as well at the free service level, and at paid premium subscription levels supplies WAF, DDoS protection, as well as load balancing and website performance prot...

We don't have enough ratings and reviews to provide an overall score.

Founded on its data encryption technology, Penta Security Systems is an IT security company that provides platform solutions, hardware and virtual appliances, and security services. Latest innovations include solutions for IoT and blockchain-based environments. Founded in 1997 by Seokwoo Lee, the...

We don't have enough ratings and reviews to provide an overall score.

FortiWeb is Fortinet's web application security system (or web application firewall, WAF) featuring advanced vulnerability management and threat detection and prevention, available in deployment as an appliance or virtual appliance, also as a hosted or a cloud-based virtual solution.

We don't have enough ratings and reviews to provide an overall score.

Positive Technologies headquartered in Framingham offers the PT Application Firewall (AF), a web application firewall (WAF) which uses advanced machine learning and correlative techniques to detecting and prevent zero-day attacks on enterprise apps.

We don't have enough ratings and reviews to provide an overall score.

Radware offers AppWall, a PCI compliant web application firewall (WAF) securing corporate networks and the cloud against web app attacks.

We don't have enough ratings and reviews to provide an overall score.

Founded on its data encryption technology, Penta Security Systems is an IT security company that provides platform solutions, hardware and virtual appliances, and security services. Latest innovations include solutions for IoT and blockchain-based environments. Founded in 1997 by Seokwoo Lee, the...

We don't have enough ratings and reviews to provide an overall score.

Bekchy is a cloud-based web application firewall, developed by Faydata Information Technologies Inc. Bekchy works in front of all web application servers. According to the vendor, Bekchy is used by finance, health, education, tourism and media sectors. It provides basic and advanced protection f...

We don't have enough ratings and reviews to provide an overall score.

Sangfor NGAF is a combined NGFW and Web Application Firewall. It provides a full core suite of firewall services scaled for enterprises.

We don't have enough ratings and reviews to provide an overall score.

Instart provides a complete set of cloud services for web application performance and security. Instart’s global CDN and performance optimization services accelerate dynamic content and images. Instart security services provide security at the browser through script protection, security at the or...

We don't have enough ratings and reviews to provide an overall score.

Limelight Cloud Security is a content access and permission management solution with web application firewall and DDoS protection, providing a digital rights management (DRM) solution for video content.