Web application firewalls (WAF) are designed to protect web apps by filtering and monitoring incoming traffic. These tools analyze HTTP traffic as it comes in, blocking potentially malicious traffic and identifying traffic anomalies. Companies use these tools in conjunction with additional application security software to better protect operational web applications. These tools differ from traditional firewalls, which control traffic between servers, by filtering traffic and content attempting to access a specific web-based application.
To qualify for inclusion in the Web Application Firewalls (WAF) category, a product must:
Web Application Firewall (WAF) reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.
Imperva Incapsula delivers an enterprise-grade Web Application Firewall to safeguard your site from the latest threats, an intelligent and instantly effective 360-degree anti-DDoS solutions (layers 3-4 and 7), a global CDN to speed up your website's load speed and minimize bandwidth usage and an array of performance monitoring and analytic services to provide insights about your website's security and performance.
NGINX, Inc. is the company behind NGINX, the popular open source project trusted by more than 400 million sites. We offer a suite of technologies for developing and delivering modern applications. The NGINX Application Platform enables enterprises undergoing digital transformation to modernize legacy, monolithic applications as well as deliver new, microservices‑based applications. Companies like Netflix, Starbucks, and McDonalds rely on NGINX to reduce costs, improve resiliency, and speed innovation. NGINX investors include Blue Cloud Ventures, e.ventures, Goldman Sachs, Index Ventures, MSD Capital, NEA, Runa Capital, and Telstra Ventures. NGINX, Inc. is headquartered in San Francisco, CA, with an EMEA head office in Cork, Ireland and APAC head office in Singapore. Learn more at https://www.nginx.com/
Cloudbric is a cloud-based web security provider, offering an award-winning Web Application Firewall (WAF), DDoS protection, and SSL. Cloudbric offers security primarily to startup and SMB websites that lack cybersecurity experience or can't afford expensive IT security solutions. Cloudbric’s services are free for all websites with less than 4GB of bandwidth per month. We charge based on amount of web traffic, making Cloudbric perfect for SMEs and new startups. Our services are military-grade protection for the little guy.
Alert Logic's SIEMless Threat Management offering seamlessly connects an award-winning security platform, threat intelligence & expert defenders to provide the right level of security & compliance coverage for the right resources across your environments. Choose your level of coverage for asset discovery, vulnerability scanning, cloud configuration checks, threat monitoring, intrusion detection, log collection & monitoring, WAF defense & more - with 24/7 support & SOC services.
Eliminate application vulnerabilities and stop data breaches. You depend on applications everyday. They are how your customers and partners connect with you, and they are how your employees get their jobs done. Unfortunately, your applications remain one of the most commonly exploited threat vectors. Barracuda WAF protects your web, mobile and API applications from being compromised, and prevents data breaches— ensuring you maintain your reputation and your customer's confidence.
Bekchy is a cloud-based web application firewall. Bekchy provides protection against SQL Injection, XSS, CSRF, RCE, RFI/LFI and other vulnerabilities specified by OWASP Top 10. It is compatible with Nginx, Apache, Litespeed, IIS, Apache Tomcat, Lighttpd, Haproxy and all web application servers as well as all software languages like PHP, .net, Java, Ruby and Python. Bekchy works in front of all web application servers from SMB to enterprises and government agencies.
Help protect your critical data from hacking, phishing, site scraping, cross-site scripting and parameter tampering, with CenturyLink Web Application Firewall services. CenturyLink® Web Application Firewall (WAF) delivers substantial web application protection from attacks and helps prevent costly data breaches and downtime. WAF delivers dynamic ongoing website protection, allowing application transactions only from authorized users and protecting critical data from a variety of attacks, such as hacking, phishing, site scraping, cross-site scripting and parameter tampering. • Fully managed installation, configuration and ongoing management of a web application firewall service based on acclaimed Imperva technology • Includes 24x7 Monitoring - to help you react quickly and efficiently to threats as they emerge • Inspection of traffic let through the perimeter firewall to the web servers • Encrypted traffic inspection of encrypted traffic • Proactive blocking of malicious traffic"
WAF enables effective protection against XSS (Cross-Site Scripting) attacks, SQL injections, and zero-day exploits. Also, it enables blocking the activity of suspicious bots stealing the contents. The protection rules are user-definable and the protection is active round the clock. The WAF functionality is addressed to all website owners.
KEMP’s Application Firewall Pack (AFP)* combines Layer 7 Web Application Firewall protection with other application delivery services including intelligent load balancing, intrusion detection, intrusion prevention as well as edge security and authentication. KEMP WAF provides continuous protection against vulnerabilities with daily rule updates based on threat intelligence and research from information security provider, Trustwave.
OpenFusion Security offers enterprises two very effective application security gateway products for firewalling Web Services and CORBA/EJB based applications. Both DBC products provide extensive Authentication, Authorization and Audit (AAA) functionality.
Defends against the latest attacks, data breaches and helps eliminate downtime. The WAF serves as an essential part of any defense-in-depth security architecture by providing advanced inspection and specialized security for the web application layer. The WAF can operate as a standalone unit or in conjunction with the ADS Series for defense-in-depth security.
feature-rich web application security platform is 100% cloud-based. It's artificial intelligence based machine learning algorithms effectively protect web applications from cyber attacks. Configured as a reverse-proxy, the Web Application Protection platform inspects all traffic destined to your web application origin and identifies and blocks any malicious traffic.
Venusense Web Application Firewall (WAF) is a new generation of Web security protection and application delivery product developed by Venustech. It mainly provides HTTP/HTTPS traffic analysis for Web servers, prevents attacks aimed at Web application vulnerabilities, optimizes Web application accesses to improve the availability, performance, and security of Web/network protocol based applications and ensure the quick, secure, and reliable delivery of Web service applications.
Verizon WAF is a Cloud-based Web Application Firewall and is a key component of Verizon’s DEFEND suite of web security solutions. Verizon WAF is based on the world’s most deployed web application firewall engine, ModSecurity, and is designed to provide a high degree of protection against cybercrime, hacktivism, and cyber espionage.
Forms a network of cloud security enabled by big data analytics against web application attacks. Based on the self-learning protection engine, WAF can detect and counter zero-day attacks timely to protect websites from sensitive info leakage, data tampering, and web defacement to ensure website security.