--- title: AWS WAF Reviews meta_title: 'AWS WAF Reviews 2026: Details, Pricing, & Features | G2' meta_description: Filter 72 reviews by the users' company size, role or industry to find out how AWS WAF works for a business like yours. aggregate_rating: rating_value: 4.3 review_count: 72 scale: '5' date_modified: '2026-06-24' parent_category: name: "DevSecOps\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" url: https://www.g2.com/categories/devsecops --- # AWS WAF Reviews **Vendor:** Amazon Web Services (AWS) **Category:** [Web Application Firewalls (WAF)](https://www.g2.com/categories/web-application-firewall-waf) **Average Rating:** 4.3/5.0 **Total Reviews:** 72 ## About AWS WAF AWS WAF (Web Application Firewall) is a security service designed to protect web applications and APIs from common web exploits and bots that can compromise security, affect availability, or consume excessive resources. By enabling users to define customizable web security rules, AWS WAF allows precise control over which traffic to allow or block, ensuring robust protection tailored to specific application needs. Key Features and Functionality: - Customizable Security Rules: Users can create rules to filter web requests based on conditions such as IP addresses, HTTP headers, HTTP body, or custom URIs, allowing for tailored security measures. - Managed Rule Groups: AWS WAF offers pre-configured rule groups managed by AWS or AWS Marketplace sellers, providing protection against common threats like SQL injection and cross-site scripting (XSS). These rules are regularly updated to address emerging vulnerabilities. - Bot Control: The service includes capabilities to monitor, block, or rate-limit common and pervasive bots, helping to prevent automated attacks such as web scraping and credential stuffing. - Real-Time Monitoring and Logging: AWS WAF integrates with Amazon CloudWatch, offering real-time metrics and capturing detailed information about web requests. This visibility aids in analyzing traffic patterns and fine-tuning security settings. - DDoS Protection: When used in conjunction with AWS Shield, AWS WAF provides automatic protection against Distributed Denial of Service (DDoS) attacks, ensuring application availability during large-scale attack attempts. - Integration with AWS Services: AWS WAF seamlessly integrates with other AWS services such as Amazon CloudFront, Application Load Balancer, and Amazon API Gateway, enabling centralized security management across various applications. Primary Value and Problem Solved: AWS WAF addresses the critical need for robust web application security by providing a scalable and customizable firewall solution. It empowers organizations to protect their web applications and APIs from a wide range of threats, including common exploits and automated attacks, without compromising performance. By offering both managed and custom rule capabilities, AWS WAF enables businesses to implement security measures that align with their specific requirements. Its integration with other AWS services and real-time monitoring features further enhance an organization's ability to maintain a strong security posture, ensuring the availability and integrity of their web applications. ## AWS WAF Pros & Cons **What users like:** - Users value the **easy protection against common attacks** offered by AWS WAF, enhancing website security effortlessly. (2 reviews) - Users appreciate the **native AWS ecosystem integration** of AWS WAF, enhancing security without the hassle of separate tools. (1 reviews) - Users value the **custom rules** of AWS WAF for simplifying protection against common web attacks effortlessly. (1 reviews) - Users appreciate the **easy protection** AWS WAF provides against common attacks, requiring minimal manual setup. (1 reviews) - Users value the **effective DDoS protection** provided by AWS WAF, ensuring automated and rapid mitigation against threats. (1 reviews) - Users value the **native integration with AWS services** that simplifies security management and enhances overall protection. (1 reviews) - Users value the **seamless integration with AWS services** , enhancing security without the hassle of separate tools. (1 reviews) **What users dislike:** - Users find the **complex configuration** challenging initially, making the setup process difficult for beginners. (1 reviews) - Users find AWS WAF **expensive** , especially due to confusing pricing and complexity in initial configuration. (1 reviews) - Users face challenges with **ineffective blocking** as AWS WAF lacks precise geographic access control needed for security. (1 reviews) ## AWS WAF Reviews ### 1. Strong Web App Protection with AWS WAF’s Managed Rules and Seamless AWS Integrations **Rating:** 4.5/5.0 stars **Reviewed by:** Atharva P. | Cloud BI Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** June 08, 2026 **What do you like best about AWS WAF?** What I like most about AWS WAF is that it helps protect web applications from common threats without requiring dedicated security appliances or complicated infrastructure. Features such as managed rule sets, custom rules, IP filtering, and bot protection make it easier to secure applications while still maintaining performance. Its integration with CloudFront, Application Load Balancers, and API Gateway is especially valuable because it lets me apply security controls consistently across multiple application entry points. **What do you dislike about AWS WAF?** False positives can sometimes happen, especially when aggressive security rules end up blocking legitimate traffic. To maintain a good balance between strong security and a smooth user experience, ongoing rule tuning and regular monitoring are necessary. **What problems is AWS WAF solving and how is that benefiting you?** AWS WAF helps protect internet-facing applications from common web attacks and malicious traffic. We use AWS WAF to secure APIs and web applications running behind CloudFront and Application Load Balancers. It blocks malicious requests, suspicious IP addresses, SQL injection attempts, and other common OWASP attack patterns before they ever reach our application servers. Overall, this strengthens application security, reduces unnecessary load on our backend systems, and supports our efforts to meet security compliance requirements. ### 2. Strong Threat Protection with Easy Log Monitoring and Centralized Management **Rating:** 4.5/5.0 stars **Reviewed by:** Yogesh G. | Linux Administrator, Information Technology and Services, Small-Business (50 or fewer emp.) **Reviewed Date:** May 05, 2026 **What do you like best about AWS WAF?** It protects against threats and hackers, and it lets us manage internet traffic according to our organization’s policy. It’s also easy to monitor the logs. There’s a large community and well-maintained documentation, plus support for centralized management. Customer support has been good as well. It provides a rich feature set for targeted protection, the ability to configure Web ACLs, and managing rule sets. **What do you dislike about AWS WAF?** None, since the tool does deliver on the capabilities and features described in their whitepapers. That said, the pricing model is opaque, and we’ve been caught off guard by scaling costs before. **What problems is AWS WAF solving and how is that benefiting you?** I have experience working with AWS WAF to protect web applications from common web exploits and to secure APIs against threats such as SQL injection, XSS, and bot traffic. I configured custom rules and integrated WAF with CloudFront and an Application Load Balancer to manage and control incoming traffic effectively. ### 3. Easy AWS Integration with Powerful Managed Rules **Rating:** 4.0/5.0 stars **Reviewed by:** Ravi R. | DevOps Engineer, Health, Wellness and Fitness, Mid-Market (51-1000 emp.) **Reviewed Date:** April 26, 2026 **What do you like best about AWS WAF?** Aws integration - easy integration with aws services like api gateway , CloudFront and load balancers. UI is good Easy setup Managed rules IP based protection/rule, gro-location, rate based limiting, headers inspection. Performance is good but need to be improve. Inbuilt Also AI related features and services added. **What do you dislike about AWS WAF?** Its cost is slightly expensive. Its rules- rule order management is confusing No.AI support **What problems is AWS WAF solving and how is that benefiting you?** Protection and security of our applications running im aws environments. IP based protection is.well and helping alot. By using IP whitening, we have allowed our authorized vendors. ### 4. Flexible, Fast AWS Integration with Powerful Security Controls **Rating:** 4.5/5.0 stars **Reviewed by:** Nidal S. | Senior DevOps Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** May 13, 2026 **What do you like best about AWS WAF?** Its flexibility and fast integration with AWS services like CloudFront and ALB. It allows adding security controls such as rate limiting and IP blocking without changing the application itself. **What do you dislike about AWS WAF?** It is not very transparent during detections and tuning, and it still misses some attack patterns unless rules are carefully customized and monitored continuously. **What problems is AWS WAF solving and how is that benefiting you?** AWS WAF helps protect public applications from common attacks like bots, abusive traffic, and HTTP exploits without requiring application changes. It benefits us by reducing security risks, improving visibility, and allowing faster mitigation during incidents. ### 5. AWS WAF: Scalable Native Security with a "Pay-as-you-Go" Complexity Tax **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Retail | Enterprise (> 1000 emp.) **Reviewed Date:** March 18, 2026 **What do you like best about AWS WAF?** Its native integration with CloudFront and ALB eliminates external latency while offering instant protection via Amazon-managed rules against OWASP threats. The pay-as-you-go model makes it accessible for any scale, allowing you to secure your infrastructure without upfront contracts. It is the ultimate "set and forget" solution for the AWS ecosystem. **What do you dislike about AWS WAF?** Inspection & Capacity: Its strict 64 KB body inspection limit and 5,000 WCU cap can leave larger payloads unmonitored or force you to compromise on security depth. Cost & Complexity: Native dashboards are basic, requiring paid CloudWatch/S3 logging and manual Athena queries just to visualize and tune frequent false positives. **What problems is AWS WAF solving and how is that benefiting you?** AWS WAF addresses the critical need for automated, real-time protection against application-layer attacks like SQL injection and bot scraping without requiring manual signature updates. Problem Solved: It stops malicious traffic (OWASP Top 10, DDoS, and bots) from reaching your servers, preventing data breaches and resource exhaustion. Your Benefit: You save significant engineering time through managed rule sets and a pay-as-you-go model that scales security automatically with your traffic. ### 6. Web Application Firewall inside AWS ecosystem **Rating:** 4.5/5.0 stars **Reviewed by:** Luca P. | Chief Operations Officer DEQUA Studio | Formerly CTO in MarTech, Marketing and Advertising, Small-Business (50 or fewer emp.) **Reviewed Date:** August 30, 2025 **What do you like best about AWS WAF?** The most practical aspect of AWS WAF is its native integration with the AWS ecosystem. The connection with CloudFront, Application Load Balancers, API Gateway, and AppSync creates a unified security layer without managing separate security tools or dealing with compatibility issues. AWS Managed Rules handle OWASP Top 10 vulnerabilities, SQL injection, XSS, and bot traffic without writing and maintaining custom signatures. The Application Layer DDoS protection with automated mitigation actions provides protection against layer 7 attacks with detection times measured in seconds. The bot control managed rule group mitigates persistent bot traffic, while fraud control offers account takeover and account creation fraud prevention. These features integrate with existing application workflows and provide visibility into attack patterns. You can set thresholds based on source IP addresses, HTTP headers, or custom keys, and the five-minute aggregation window balances responsiveness with avoiding false positives. Combining rate limiting with geographic restrictions and IP reputation filtering creates layered protection. Great Cloudwatch integration! Detailed metrics on blocked requests, allowed traffic, and rule performance. The AntiDDoS dashboard provides visibility into DDoS events with granular metrics for different mitigation actions. Sending filtered logs to OpenSearch for custom alerting supports proactive threat response. **What do you dislike about AWS WAF?** You cannot block specific regions within countries or implement more granular geographic filtering based on threat intelligence. This limitation affects applications that need precise geographic access controls. **What problems is AWS WAF solving and how is that benefiting you?** AWS WAF seamlessly integrates with existing AWS infrastructure to provide unified web application security without architectural changes or additional complexity. The native integration with CloudFront, Application Load Balancers, and API Gateway means I can add enterprise-grade protection to running applications within the existing AWS ecosystem. The service eliminates security deployment bottlenecks by allowing protection rules to be implemented directly through the same AWS console and APIs used for infrastructure management. This tight integration means security becomes part of the standard deployment workflow rather than a separate process requiring different tools or teams. AWS WAF provides centralized threat protection across all AWS application services from a single management interface. Whether protecting static content through CloudFront or dynamic APIs through API Gateway, the consistent security policies and unified monitoring eliminate the complexity of managing multiple security solutions. The solution automatically scales protection with AWS workloads without requiring capacity planning or performance tuning. As applications grow or traffic patterns change, WAF protection adapts seamlessly within the AWS infrastructure, maintaining consistent security posture across all environments. ### 7. Simple Yet Powerful Web Protection with AWS WAF **Rating:** 4.0/5.0 stars **Reviewed by:** Pradeep R. | Software Developer, Computer Software, Small-Business (50 or fewer emp.) **Reviewed Date:** October 21, 2025 **What do you like best about AWS WAF?** I like that AWS WAF makes it easy to protect websites from common attacks like SQL injection and XSS without much manual setup. **What do you dislike about AWS WAF?** It can be a bit complex to configure at first, and the pricing can get confusing for beginners. **What problems is AWS WAF solving and how is that benefiting you?** AWS WAF helps protect my web applications from attacks like SQL injection, XSS, and bots. It saves time by automatically blocking malicious traffic and keeps my site secure without needing constant manual monitoring. ### 8. AWS WAF - Reliable Web Application Firewall **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.) **Reviewed Date:** April 07, 2025 **What do you like best about AWS WAF?** 1) AWS WAF is very easy to deploy and requires no additional software installation, DNS, config, or SSL/TLS certifications management. 2) We can able to create customer rules for specific needs. These rules can be based on IP addresses, UPL strings, or even HTTP body content. 3) AWS WAF provides a strong defense mechanism against SQL injection, cross-site scripting, and DDoS attacks. 4) Developers can automate rule creation and deployment using AWS APIs or cloud formation templates, streamlining security management during application development and reducing manual effort. 5) Since it offers pay-as-you-go pricing based on traffic and rules leading to variable cost. **What do you dislike about AWS WAF?** While AWS has more features, it can be complex to configure initially for users unfamiliar with firewall systems or automation. Compared to other WAF scale vertically within AWS resources ecosystem. **What problems is AWS WAF solving and how is that benefiting you?** It has helped me in two different scenarios. One is while managing traffic; I am able to filter it based on the IP address and HTTP header body. Because of this, it has helped us in faster response time and good user experience. While managing one ITES customer, they often operate the platform with a user account. WAF monitors login pages for unauthorized access attempts using compromised credentials, reducing the risk of account fraud. ### 9. Good Firewall Service **Rating:** 5.0/5.0 stars **Reviewed by:** Igor Z. | Senior DevOps Manager, Small-Business (50 or fewer emp.) **Reviewed Date:** August 04, 2020 **What do you like best about AWS WAF?** The simplicity of configuration and management **What do you dislike about AWS WAF?** I actually does not have anything I don't like **What problems is AWS WAF solving and how is that benefiting you?** The protection from threats and as a Maintenance Page Firewall ### 10. Protect a web applications from common cyber attacks. **Rating:** 4.0/5.0 stars **Reviewed by:** Hiran T. | SOC Analyst, Information Technology and Services, Mid-Market (51-1000 emp.) **Reviewed Date:** February 19, 2024 **What do you like best about AWS WAF?** AWS WAF protects web applications from common web exploities. The user can create a policy and take control over the block and filters. AWS WAF can easily be integrated and managed by the Amazon firewall manager and can be easily implemented in the Amazon cloud platform. The user can monitor and frequently analyze the incoming network traffic. Customer support is very responsive and satisfactory which help the user to fix issues in less time. **What do you dislike about AWS WAF?** The pricing of AWS WAF is based on the components like Web ACL, Rule, Bot control and fraud Control. which make a user to pay part by part which is bit annoying. **What problems is AWS WAF solving and how is that benefiting you?** The WAF device help in protecting the web application from the cyber attackers. Besides the firewall devices, the WAF acts as an additional security device which increases the security posture of the IT infrastructure. And also provide the realtime visibility to the incoming network traffics. ### 11. WAF for Additional Security **Rating:** 3.5/5.0 stars **Reviewed by:** Ajay S N. | Junior Devops Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** January 06, 2024 **What do you like best about AWS WAF?** WAF can provide different levels of security. We will be able to implement it in the root level. We can make rules to allow or block access that meets conditions. **What do you dislike about AWS WAF?** Initially it was too tough for me to tackle WAF as the concepts are bit complex to understand. **What problems is AWS WAF solving and how is that benefiting you?** One of our client wanted a captcha on their login page before logging in. I was able to implement it with WAF. ### 12. AWS WAF won't comprise on the Security **Rating:** 5.0/5.0 stars **Reviewed by:** Khushboo R. | Accounts Receivable Associate, Marketing and Advertising, Mid-Market (51-1000 emp.) **Reviewed Date:** September 20, 2023 **What do you like best about AWS WAF?** The most helpful aspects and upsides of using AWS WAF are: 1.Security enchancement - AWS WAF helps in enchancing the security of your web applications by protecting them from a wide range of online threats, such as SQL injection, cross-site scripting(XSS) and more. 2.Customizable Rules: AWS WAF offers a high degree of customization, allowing you to creates rules and regulations tailored to your specific application's needs. 3.Scalability: AWS WAF scales with your's applications needs. you can handle varying level of traffic and adjust your rules and policies accordingly. **What do you dislike about AWS WAF?** While AWS WAF offers many benefits, there are also some potentials downsides of using AWS WAF, which are states below: 1.Costs: While the AWS WAF offers pay-as-you go pricing model, cost can add up, especially for large scale application with high traffic volumes and complex rules sets. 2.Regional Deployment:AWS WAF is deployed regionally, which means you need to configure it separately in each AWS Region where application is hosted. this can add up complexity if your application spans multiple regions. **What problems is AWS WAF solving and how is that benefiting you?** AWS WAF addresses the business problem of safeguarding web application from various cyber threats and attacks, such as SQL injection, cross-site scripting and bot traffic. By preventing this, businesses can protect their asset and data online, they can maintain customer trusts, and avoid costly security breaches and downtime. ### 13. Best Firewall service for AWS resources with easy integration **Rating:** 4.5/5.0 stars **Reviewed by:** Srinivas P. | Engineering Manager, Small-Business (50 or fewer emp.) **Reviewed Date:** September 22, 2023 **What do you like best about AWS WAF?** - Easy integration setup for AWS cloudfront and load balancers - Bot traffic and maliciuos requests can be easily blocked - AWS Managed rules provides a quick start to secure requests - Allows to customize response when requests are blocked - Has a Count feature which allows to validate requests before enabling action on the rule **What do you dislike about AWS WAF?** - Multiple rule setup and priority leads to complications - Costs can add up as it proportional to the request count **What problems is AWS WAF solving and how is that benefiting you?** - Web security for our applications - Blocking bot and malicious traffic - Blocking requests at origin before it flows to application - Blocking unwanted requests like filtering based on paylaod, request path etc.. ### 14. AWS WAF needs more improvement **Rating:** 4.0/5.0 stars **Reviewed by:** Prashant G. | Cloud Network Security, Information Technology and Services, Enterprise (> 1000 emp.) **Reviewed Date:** August 30, 2023 **What do you like best about AWS WAF?** AWS native WAF can be easily integrated with Application Load Balancer with which we can allow Internet bound Inbound traffic directly on ALB. Same ALB can be protected by AWS Shield, with this we can achieve DDoS L3, L4 & L7 protection. Also AWS WAF supports third party vendor managed rules i.e. F5, Imperva etc to add in WEB ACL **What do you dislike about AWS WAF?** AWS managed WAF rules has limitations of protecting against OWASP top 10 attack pattern i.e. if you change SQL injection attack pattern, AWS Managed WAF rules failed to block it. AWS needs to work on such sort of things. **What problems is AWS WAF solving and how is that benefiting you?** AWS WAF supports native protection of L7 layer and if we integrate with other AWS native service's like ALB, AWS Shield this gives better protection. AWS supports usgae of third party managed WAF rules, because which we can take advantage of big third party vendors like F5, Imperva, Cloudflare etc ### 15. Review for AWS WAF **Rating:** 4.5/5.0 stars **Reviewed by:** Sneha P. | Network Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** January 05, 2024 **What do you like best about AWS WAF?** AWS WAF is the web based firewall which has built-in DDOS attack protection to stop any DDOS attacks. Also, the AWS support team quickly responds to the queries or concerns raised. **What do you dislike about AWS WAF?** There is no dislike about AWS WAF as it has good features. **What problems is AWS WAF solving and how is that benefiting you?** The AWS WAF is the good application in securing the network where we can choose the deploying the rules by creating API rules. Also, it protects the web traffic of the applications securely with integration of various services. ### 16. Complete protection for web application! **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.) **Reviewed Date:** October 17, 2023 **What do you like best about AWS WAF?** We are using AWS WAF for securing our e-learing web applcation where we have defiened webACL rules to block unwanted traffic which can be suspicious. quite easy to impliment also provides live monitoring of traffic and can be connected with other aws services like aws cloudwatch using which user can monitor and analyze traffic. **What do you dislike about AWS WAF?** I don't think their is much to dislike about AWS WAF but still implementation can be time consuming, other than that it's one of the best web application firewall which offers pay as you go pricing. **What problems is AWS WAF solving and how is that benefiting you?** AWS WAF acts as a protection layer between external internet traffic and our application using which we can customize rules to allow or block traffic which allows us to protect our web application from any kind of attack like DDos or Dos which ensures avaiability of application, we are using it in our E-learning platform to protect our website from any external attacks. ### 17. Best security tool for web application **Rating:** 4.5/5.0 stars **Reviewed by:** Gaurav B. | Associate - Finance Control, Mid-Market (51-1000 emp.) **Reviewed Date:** September 21, 2023 **What do you like best about AWS WAF?** We can set a standard of rules and because of this we can save time even though it has great inbuilt rules. It has a easy tracking and managing bots and blocking of bots function. **What do you dislike about AWS WAF?** It is a good product but a bit expensive compared to its peers and also end to end encryption for multi customer are issue. **What problems is AWS WAF solving and how is that benefiting you?** As we have implemented it in our systems, it has given us an immense satisfaction in terms of web security which previously used to be breached and was an hactic issue for us to Solve and a bit time consuming ### 18. Secure and protect web applications and API's using AWS WAF **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Consulting | Enterprise (> 1000 emp.) **Reviewed Date:** July 20, 2022 **What do you like best about AWS WAF?** Easily configure WAF to filter, monitor and block any malicious traffic traveling to the web application and API Gateways ensuring the traffic is safe and identify and stop any malicious traffic **What do you dislike about AWS WAF?** it is not possible to extend AWS WAF for applications built outside AWS (on-premise or any other cloud). AWS WAF cannot be deployed directly to EC2 instances and can only be associated with ALB , CloudFront & API Gateway **What problems is AWS WAF solving and how is that benefiting you?** We are using WAF mainly with API Gateway in our projects for rate limiting, IP filtering thus help avoid common web exploits like SQL injection and XSS attacks ### 19. Protect your web applications from attacks **Rating:** 3.5/5.0 stars **Reviewed by:** Naga Venkata Satish Kumar B. | Mid-Market (51-1000 emp.) **Reviewed Date:** September 19, 2023 **What do you like best about AWS WAF?** AWS WAF is a pay-as-you-go service so we will pay for what we use this is scalable reliable and easy to use. We continue using the CLI Command line interface, which does not require GUI. **What do you dislike about AWS WAF?** If is it pay as you go service this will be expensive for high-traffic websites and it will generate a lot of traffic where the bill spikes will be high and expensive **What problems is AWS WAF solving and how is that benefiting you?** The web applications that we build require high secure environment AWS WAF helps us in building secure and safe applications to our customer needs this helps us business growth. ### 20. Best WAF for AWS hosted app **Rating:** 4.5/5.0 stars **Reviewed by:** Ankit J. | Cyber Security Specialist, Mid-Market (51-1000 emp.) **Reviewed Date:** December 19, 2023 **What do you like best about AWS WAF?** Very easy to deploy and configure. There are managed rules and custom rule creation. **What do you dislike about AWS WAF?** Log should contain more details about attack type and reason for block. **What problems is AWS WAF solving and how is that benefiting you?** We have deployed WAF with ALB, and protecting application againt OWASP top10. ### 21. AWS WAF **Rating:** 3.5/5.0 stars **Reviewed by:** Sitam S. | Devops Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** September 12, 2023 **What do you like best about AWS WAF?** This helps to prevent any attacks on application and since it is AWS managed service it reduces the effort to setup. **What do you dislike about AWS WAF?** This brings cost False positives like any other security system. Setup is complicated. **What problems is AWS WAF solving and how is that benefiting you?** Features like monitoring and logging Custom rules setup Easy to manage complicated rules ### 22. Easy and intuitive way to implement a WAF **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Small-Business (50 or fewer emp.) **Reviewed Date:** November 27, 2018 **What do you like best about AWS WAF?** Organization and progression of key elements needed to build your WAF. The rules engine is easy to implement. **What do you dislike about AWS WAF?** I dislike that I have to do this, but its a necessary evil **Recommendations to others considering AWS WAF:** great if you use cloudfront **What problems is AWS WAF solving and how is that benefiting you?** securing multiple cloudfront sites for internal use over the Internets ### 23. Simple and safe way to protect our applications **Rating:** 5.0/5.0 stars **Reviewed by:** Preksha S. | Mid-Market (51-1000 emp.) **Reviewed Date:** October 18, 2023 **What do you like best about AWS WAF?** A very safe and secured tool for keeping my applications away from bots and fraud. **What do you dislike about AWS WAF?** Need to provide better dashboard metrics **What problems is AWS WAF solving and how is that benefiting you?** Cost saving, bot control and easiness to implement AWS WAF ### 24. Best Firewall Solution for your application **Rating:** 5.0/5.0 stars **Reviewed by:** Rahul S. | Devops engineer, Construction, Mid-Market (51-1000 emp.) **Reviewed Date:** March 17, 2023 **What do you like best about AWS WAF?** Earlier we used to get millions of requests on our APIs in few seconds that was not possible from users, it seems like DDOS attack, which was taking lots of CPU and memory, costing us a lot, then we added WAF in cloud front to block bot attacks and detect and block IPs. **What do you dislike about AWS WAF?** Overall it's good, but sometimes we do load testing it also block that IPs, it take that as bot attack. But this is also good but we want to whitelist some IPs that doesn't seems possible here, I guess.. **What problems is AWS WAF solving and how is that benefiting you?** It's preventing bot attacks for our APIs that was a big problem for us, after getting millions of request, our system starts automatically autoscaling that was not necessary, because that was not real traffic, costing us a lot. ### 25. AWS WAF - A one stop solution for web app infrastructure. **Rating:** 5.0/5.0 stars **Reviewed by:** Achyut S. | Enterprise (> 1000 emp.) **Reviewed Date:** April 18, 2023 **What do you like best about AWS WAF?** One best thing about AWS WAF is that it allows you to customize requests and responses. For example, when AWS WAF blocks a request, the default response code sent back to the client is HTTP 403 (Forbidden). **What do you dislike about AWS WAF?** One shortcoming of AWS WAF is that it can only protect web applications built on AWS. Additionally, AWS WAF can be difficult to operate daily as it requires high rule-making knowledge. **What problems is AWS WAF solving and how is that benefiting you?** I use AWS WAF almost daily for my corporate functionalities and responsibilities. I use it in different environments like Staging and Production to protect application request based on HTTP and HTTPS. Some of them, are really complex but WAF rules helps a lot in automation. ### 26. Easy to configure, a lot of pre-baked configs available **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Insurance | Small-Business (50 or fewer emp.) **Reviewed Date:** May 03, 2023 **What do you like best about AWS WAF?** A lot of managed rules available, easy to setup and a lot of integrations available. **What do you dislike about AWS WAF?** The limitation for POST body check is well-known, about it not covering the entire request body (first 16kb by default), while other products are offering instead. **What problems is AWS WAF solving and how is that benefiting you?** Protects the web-facing endpoints of my resources. It saves our time on configure the ingress network setting of each of my web facing component individually. ### 27. AWS WAF **Rating:** 5.0/5.0 stars **Reviewed by:** Priyanshi P. | AWS associate-Cloud Infrastructure Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** June 29, 2023 **What do you like best about AWS WAF?** AWS Web Application Firewall bot filtering **What do you dislike about AWS WAF?** AWS Web Application Firewall only attached to few resources like can't be attach in EC2 **What problems is AWS WAF solving and how is that benefiting you?** WAF allows us to block bot requests & filter out bot requests ### 28. Safe and Secure **Rating:** 5.0/5.0 stars **Reviewed by:** Neil S. | DevOps Engineer, Computer Software, Small-Business (50 or fewer emp.) **Reviewed Date:** September 23, 2022 **What do you like best about AWS WAF?** WAF is an essential tool by AWS that can provide an extra layer of security for DDOS Attacks and more that can harm your system at any moment, the rules and conditions to block countries and see logs is great. **What do you dislike about AWS WAF?** There should be a feature where we can see the logs in a more detailed manner and some more explanation on how priority works. **What problems is AWS WAF solving and how is that benefiting you?** AWS WAF is not solving it is protecting many organizations and applications from being attacked and preventing it to happen. ### 29. AWS WAF!!!! **Rating:** 4.5/5.0 stars **Reviewed by:** Karthik Y. | System Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** January 07, 2023 **What do you like best about AWS WAF?** Overall experience with AWS WAF is excellent. AWS WAF has various features to protect our applications & API against DDoS attacks, Unknown exploits & Bots. The real-time detection for HTTPS Monitoring helps us get the actual traffic to the application and its block traffic of Bots. **What do you dislike about AWS WAF?** No, we haven't faced any challenges with AWS WAF **What problems is AWS WAF solving and how is that benefiting you?** Most liked the feature is UI& Detailed reports. ### 30. Easy Setup security layer **Rating:** 5.0/5.0 stars **Reviewed by:** Abhishek G. | DevSecOps, Enterprise (> 1000 emp.) **Reviewed Date:** April 21, 2022 **What do you like best about AWS WAF?** We have been recommending and leveraging WAF to multiple clients. WAF provides multiple managed protection policies managed by aws and integration of third-party services. The best thing is that it's easy to set up and integrate with CloudFront, load balancer, or API gateway. There is multiple customizations that can be performed like rate limiter rules, aws managed rules, or custom rules to make sure your system is protected from the external threat or major attacks. **What do you dislike about AWS WAF?** Though it's easier to set up it doesn't offer total security. For eg, companies that are in the payment gateway sector won't benefit from waf as in rate limit rule min threshold per source-based IP is 100,i.e., if a particular IP attempts 100 times in 5 mins then it will block that IP and with hackers coming with multi IP approach it becomes inefficient. The alternate is to use Shield advanced but there are major third party tools like Cloudflare which provides better DDoS protection and I would like aws should enhance their waf efficiency **What problems is AWS WAF solving and how is that benefiting you?** Provides basic security to the infrastructure from predicted attacks like cross-site scripting attacks, SQL injection attacks, basic DDoS attacks, Block already blacklisted ips, etc. ### 31. No Brainer for Securing API development environment 👍 **Rating:** 4.0/5.0 stars **Reviewed by:** Lankit P. | AWS DevOps Engineer | Full-stack Laravel Developer, Small-Business (50 or fewer emp.) **Reviewed Date:** September 11, 2022 **What do you like best about AWS WAF?** How easy it is to set up on an already existing environment, especially in the context of AWS EC2, you configure it, and your web application or API Backend is instantly secured. **What do you dislike about AWS WAF?** Exclusive to AWS would be one downside, in my opinion. This should have been a universal service, and some cost-effectiveness would have been significant. But overall its a hefty service to deal with internet security **What problems is AWS WAF solving and how is that benefiting you?** API development is work where many setups are skipped, and we directly get to write business logic, unlike traditional web applications. So here, if we have the power to set up security without additional steps. It'll naturally be a plus point to the whole experience. ### 32. Excelent services with a broad environments **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Banking | Small-Business (50 or fewer emp.) **Reviewed Date:** May 24, 2023 **What do you like best about AWS WAF?** well documented and have a great environment of **What do you dislike about AWS WAF?** it is a little complex about the pricing costs **What problems is AWS WAF solving and how is that benefiting you?** Enable secure access to web application ### 33. This is one of the best of WAF solution and easy to implement **Rating:** 5.0/5.0 stars **Reviewed by:** Rishabh J. | IT Security Risk Assessor, Enterprise (> 1000 emp.) **Reviewed Date:** August 16, 2022 **What do you like best about AWS WAF?** It can be easily associated with any Cloud front or CDN and using web ACL we can define very condition easily and can be customized and highly scalable rules which will help web application hosting content can be secured from web attacks **What do you dislike about AWS WAF?** Once the rules are configured it takes time to get live and sometimes if you put more rules, it could also raise certain performance problems as well, which they can improve **What problems is AWS WAF solving and how is that benefiting you?** WAF is providing security against Web attacks and malicious payloads which are crafted on the application layer of the application and also being an architect its deployment helps any one to achieve good result as same case with me ### 34. Best Firewall service **Rating:** 4.0/5.0 stars **Reviewed by:** Sachin S. | Application Development Analyst, Enterprise (> 1000 emp.) **Reviewed Date:** September 13, 2022 **What do you like best about AWS WAF?** Few months back, when log4j issue was there, multiple applications and services were down, whereas AWS WAF has already upgraded itself, to avoid any loss. Moreover, it is convenient to use. **What do you dislike about AWS WAF?** The AWS console for WAF settings changes is good, but when it comes to IAAC updation, I find it a little challenging. I think, AWS has to work on this WAF settings change by using Code. **What problems is AWS WAF solving and how is that benefiting you?** AWS has always secured my application from unwanted traffic and bugs online. I have been it's user for more then a year now. It has worked excellent since then. ### 35. Great WAF for applications deployed in cloud. **Rating:** 4.5/5.0 stars **Reviewed by:** Kartik S. | Information Security Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** September 08, 2022 **What do you like best about AWS WAF?** The best part of this tool is that its easy to deploy,always on top to release new signatures for zero days. **What do you dislike about AWS WAF?** I am not happy with the number of false positives they generate and feel the product is priced a bit high as compared to others. **What problems is AWS WAF solving and how is that benefiting you?** It's helping our firm to block top owasp attacks and keeping us compliant with security standards ### 36. Now all your files and documents are highly secured!! **Rating:** 4.0/5.0 stars **Reviewed by:** Ramadevi R. | Programmer analyst, Enterprise (> 1000 emp.) **Reviewed Date:** February 27, 2022 **What do you like best about AWS WAF?** Amazon WAF(Web Application Firewall) offers best security over the applications that are being deployed in specific instances of the client. The client instances in which the Amazon WAF is installed, will act like a Proxy security system, thus securing all the activities from outside parties. **What do you dislike about AWS WAF?** The thing which I dislike in Amazon WAF is that, it offers security only to the web applications., that too., Those applications which are deployed only on AWS can be protected from third party vendors. **What problems is AWS WAF solving and how is that benefiting you?** When compared to other security services offered by various providers, Amazon WAF gives a highest level of compliance snd security to the web applications on the internet. ### 37. Excellent cloud based WAF offering with 24*7 support **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Financial Services | Enterprise (> 1000 emp.) **Reviewed Date:** June 30, 2022 **What do you like best about AWS WAF?** Extremely fast & easy to setup Wide range of rules available through marketplace Highly scalable & no downtime Pay as per you use model with reasonable charges Excellent support **What do you dislike about AWS WAF?** Logging functionality is limited Bot protection is not upto the mark Since there is no managed services available, the in house teams have to be technically well versed in aspects like sql queries etc when hunting for events **Recommendations to others considering AWS WAF:** Ensure that the resources using WAF are technically well versed as there is no managed support. **What problems is AWS WAF solving and how is that benefiting you?** Rapid & secure onboarding of external facing websites Highly scalable solution pay as you go model Improved the productivity by reducing the time to market significantly ### 38. Aws waf review **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Information Services | Mid-Market (51-1000 emp.) **Reviewed Date:** September 08, 2022 **What do you like best about AWS WAF?** This application fireball is used for API gateway protection against threats or exploitation. It protect against malicious traffic to the front end application. **What do you dislike about AWS WAF?** Nothing to dislike if there is no price issue. **What problems is AWS WAF solving and how is that benefiting you?** Used this firewall settings in Aws architecture for protecting API gateway. ### 39. AWS WAF **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Health, Wellness and Fitness | Small-Business (50 or fewer emp.) **Reviewed Date:** January 12, 2022 **What do you like best about AWS WAF?** The peace of mind knowing that the WAF is helping to block malicious activity on our applications. **What do you dislike about AWS WAF?** It was slightly difficult to set up if you don't have much experience with it. **Recommendations to others considering AWS WAF:** Highly recommended for anyone needing added firewall protection, etc **What problems is AWS WAF solving and how is that benefiting you?** We are solving the problem of not allowing unauthorized data to leave our applications, as well as adding a firewall for added security. ### 40. Higher security with less configuration **Rating:** 3.5/5.0 stars **Reviewed by:** Prajeesh M. | S, Small-Business (50 or fewer emp.) **Reviewed Date:** October 30, 2021 **What do you like best about AWS WAF?** It is so easy to implement all the required features with very more minor steps **What do you dislike about AWS WAF?** Writing some exceptions is a little bit tough, but in a way, it's a good thing to be more careful what you are avoiding **What problems is AWS WAF solving and how is that benefiting you?** We humans always make mistakes; whenever we write a program/script, security is the primary concern, but we always make mistakes; covering up all these human errors are quite easier with AWS WAF, just a few steps, and you're all set ### 41. A goodbye to the vulnerabilities that affect our business applications. **Rating:** 4.5/5.0 stars **Reviewed by:** Hanna B. | Software Developer, Mid-Market (51-1000 emp.) **Reviewed Date:** December 23, 2018 **What do you like best about AWS WAF?** AWS WAF is a very versatile and useful tool when it comes to protecting the infrastructures of our applications and this is because it allows users to establish rules according to their needs and vulnerabilities that they wish to stop, their costs are applied according to the number of rules that are established and the severity of them, that is why I consider it a great solution to protect any environment of web applications at the enterprise level. **What do you dislike about AWS WAF?** You must know how to manage, because if you do not do it, you can generate a very excessive and unnecessary amount of expenses. **Recommendations to others considering AWS WAF:** WAF is ideal for mitigating the most common web attacks, which is why I recommend it because it is very versatile and easy to use. **What problems is AWS WAF solving and how is that benefiting you?** We use WAF to provide protection to our applications through different specific or centralized rules, which allows us to be free or to support the same ones of very common attacks like SQL injection and the best thing is that the managed rules are updated by the team of AWS which is a great advantage because we can focus on improving our applications and leaving this tool in the hands of its security and therefore better impossible because we only pay for what is used. ### 42. AWS WAF The best solution to stop attacks on our web applications. **Rating:** 4.5/5.0 stars **Reviewed by:** Catherine A. | Software Developer, Small-Business (50 or fewer emp.) **Reviewed Date:** November 22, 2018 **What do you like best about AWS WAF?** I like AWS WAF because it is simply a powerful protector against web attacks, for it allows developers or users to establish personalized security rules with which you can control the traffic of all applications, as well as attacks on these, since today one of the worst enemies are such attacks that tend to damage the infrastructure of the applications that is why WAF is ideal to avoid this and the best thing is that although it offers many advantages does not mean that its costs are very high, because we only have to pay only for what we use. **What do you dislike about AWS WAF?** Establishing rules tends to be somewhat limited because the more rules are established the more costs will rise, however it is worth it because it is really useful for the protection of web applications. **Recommendations to others considering AWS WAF:** Great AWS service ideal to protect as many websites as corporate web applications, since there is no doubt that every day we are exposed to infinite vulnerabilities that is why I recommend using this firewall. **What problems is AWS WAF solving and how is that benefiting you?** We use AWS WAF to help us protect our web applications from the most common attacks that exist today, for that we created a list that indicates that it can be a threat and that it is not so that we take control of this form. that must be blocked, what resources should be restricted and in the event that these rules do not work we have associated this service with Amazon CloudFront so that we may be informed of more specific attacks and thus be able to relieve the old rules by others. ### 43. Excellent solution to secure your web applications! **Rating:** 5.0/5.0 stars **Reviewed by:** Mairina V. | Gerente de Telecomunicaciones e Infraestructura, Small-Business (50 or fewer emp.) **Reviewed Date:** September 19, 2018 **What do you like best about AWS WAF?** It is a great solution that allows protecting the environment of web applications of different types of attacks such as xss scripting, injection sql and the entire vulnerability map defined in the owasp project (Open Web Application Security Project). With this solution you can define a set of rules that allow you to filter web traffic in order to mitigate the exposure gap when exploiting vulnerabilities in web applications. **What do you dislike about AWS WAF?** In this case, I do not have articles that I do not like about this solution, the embargo to be able to configure the rules is important to have knowledge about the vulnerabilities that extend the web applications in order to determine which is the package of rules that adapts, of otherwise, false positives would be generated once the service is enabled. **Recommendations to others considering AWS WAF:** It is very useful to protect the entire web environment of companies and even more so in the face of the constant impact of web applications due to different vulnerabilities to which they are exposed. I recommend it 100% **What problems is AWS WAF solving and how is that benefiting you?** I currently use waf to protect my entire web environment, host servers up to the web services that run on them, we have closed the exposure gap to known attacks, and we can then analyze the results of the attack attempt. Additionally, it is very useful to include with this solution the mitigation of distributed denial of service DDoS attacks in the application environment. ### 44. Quick, repeatable, and cheap WAF **Rating:** 4.0/5.0 stars **Reviewed by:** ryan s. | Security Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** November 27, 2018 **What do you like best about AWS WAF?** It's WAF as code when implemetned with cloudformation, making it a quick and repeatable WAF implementation. One of the biggest issues with typical WAF products is that they're placed inline and costly, or are host based and are a suck on the instance resources. Being able to apply your WAF rule at the edge (cloudfront) is vastly better than letting malicious traffic travel deep into the environment. **What do you dislike about AWS WAF?** Almost impossible to setup without using the AWS provided cloudformation template. However, once the template is used it's rather trivial to add in your own custom rules. My biggest dislike would be -> I honestly dont think the 3rd party tie-ins do anything. I would also like to see lower rate based options, 2k is rather high for a minimum. **Recommendations to others considering AWS WAF:** Start with the AWS provided template, run it in monitor mode, and tune accordingly. **What problems is AWS WAF solving and how is that benefiting you?** Edge protection, general complaince, and it's simply a best practice. The biggest benefit is that it can be applied via cloudforamtion in a repeatable fasion, and it's very low cost when compared to many other options. ### 45. must required service for web application running on AWS !! **Rating:** 3.5/5.0 stars **Reviewed by:** Minesh S. | Cloud Architect, Information Technology and Services, Small-Business (50 or fewer emp.) **Reviewed Date:** July 25, 2018 **What do you like best about AWS WAF?** i have been working with WAF for 1 year , it protects web sites from Application and server OS vulnerabilities securely , it protects from uploading malicious content it also protects from sophisticated and targeted attacks , based on my own experience it becomes the most useful service while growing the web infrastructure because as you grow your infrastructure your website becomes more venerable for cyber attacks , it basically filters all the request coming towards web server and protects it from cyber attacks!! **What do you dislike about AWS WAF?** it's pricing are very higher than other services , quality of support provided is not so good other than this there is nothing to dislike about AWS WAF!! **Recommendations to others considering AWS WAF:** AWS WAF(Web Application Firewall) is the most reliable and useful service while deploying your Web Aplication on AWS platform , but i would say it's really a costly service comparatively !! **What problems is AWS WAF solving and how is that benefiting you?** we use AWS WAF for protecting our web applications from cyber attacks !!! ### 46. AWS WAF is my choice number one **Rating:** 4.0/5.0 stars **Reviewed by:** Fernanda S. | Analista de aplicaciones, Computer Software, Mid-Market (51-1000 emp.) **Reviewed Date:** September 23, 2018 **What do you like best about AWS WAF?** Pricing model, control, ease of change, technical support, pace of innovation are all outstanding. AWS WAF offers an API (by the way, a full-featured one) that automates security rules' creating, deploying, and maintaining. We like that the deployment of new rules can last just a few minutes. Apart from other reasons, this allows quickly responding to alterations in traffic patterns. Besides, AWS WAF allows monitoring Internet traffic in a mode close to real time, so we can quickly create new rules or warnings in Amazon CloudWatch. **What do you dislike about AWS WAF?** I think that documentation could be better but after all, this service is our choice number one. It provides various documentation which is helpful at the outset and also they have videos and other kinds of documentation as well. **Recommendations to others considering AWS WAF:** We should note that you can deploy AWS WAF on the Amazon CloudFront (the CDN solution component), and on the Application Load Balancer (for servers on EC2, for example) as well. But all things considered, we can absolutely recommend this service. **What problems is AWS WAF solving and how is that benefiting you?** AWS WAF suits our needs as best one can. WAF can be implemented as a cloud service, an agent on a web server, or a specialized hardware or virtual device. To start working with AWS WAF, there is a need for creating an access control list which determines which network requests have to be blocked and which should be skipped. ### 47. Amazing AWS service **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Retail | Mid-Market (51-1000 emp.) **Reviewed Date:** May 22, 2019 **What do you like best about AWS WAF?** Can do what all modern WAF solutions can do without paying thousands of dollars extra. **What do you dislike about AWS WAF?** Compared to other WAF's it does not have a detailed console output of the events. **What problems is AWS WAF solving and how is that benefiting you?** Automation was smooth. Problem lies in automating it for proactive black listing of Ip's using Guard Duty ### 48. Experience in using AWS WAF **Rating:** 5.0/5.0 stars **Reviewed by:** Haripriya B. | Summer Intern, Internet, Small-Business (50 or fewer emp.) **Reviewed Date:** August 10, 2018 **What do you like best about AWS WAF?** Basically amazon is most trusted organization worldwide. And the firewall for web services enables the user to filter web requests and work accordingly. one can anytime restrict or accept request from any unknown client. **What do you dislike about AWS WAF?** There is nothing to dislike but one thing is that we need to configure it separately. It doesnt come along with the cloud web service. **Recommendations to others considering AWS WAF:** Those who use Amazon cloud can use this AWS WAF to keep the instances protected from any malfunction or protect the instances by what to restrict and what not to. **What problems is AWS WAF solving and how is that benefiting you?** I protect my web instances with WAF because it is a better way to filter request to my website. ### 49. The WAF has been a great addition to the ALB **Rating:** 4.5/5.0 stars **Reviewed by:** Jonathan H. | Jonathan Hickman , Mid-Market (51-1000 emp.) **Reviewed Date:** November 27, 2018 **What do you like best about AWS WAF?** One feature I enjoy is being able to dynamically alter WAF rules based. We use traffic analysis tools to feed back into our WAF to dynamically respond to threats. **What do you dislike about AWS WAF?** It'd be great if there was a better interface or clarity of the WAF. We usually set it up through the CLI but the UI for WAF could be better. **What problems is AWS WAF solving and how is that benefiting you?** Security response ### 50. WAF Review **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.) **Reviewed Date:** December 07, 2018 **What do you like best about AWS WAF?** Easy setup when compared to other systems providing firewall services for web services. Single click enablement versus infrastructure deployment. Can be deployed for all LBs in the VPC without additional configuration. **What do you dislike about AWS WAF?** ONly able to set-up a single subscription per WAF. Example: F5 provides three separate subscriptions each addressing s specific need but only one can be added. Other rule sets need to be manually written. **Recommendations to others considering AWS WAF:** Requires some experience with existing WAF like services to fully understand and properly implement. **What problems is AWS WAF solving and how is that benefiting you?** Additional layers of protection for externally exposed resources. ## AWS WAF Discussions - [What is AWS WAF used for?](https://www.g2.com/discussions/what-is-aws-waf-used-for) - 1 comment - [View AWS WAF pricing details and edition comparison](https://www.g2.com/products/aws-waf/reviews?section=pricing&secure%5Bexpires_at%5D=2026-06-28+03%3A46%3A57+-0500&secure%5Bsession_id%5D=7cd2237e-2df5-4c2b-9440-fa809af84b91&secure%5Btoken%5D=e78db7adcbe6a94fe5e402171747533d0163b87a79d6e5b8107a0b410782a0b9&format=llm_user) ## AWS WAF Integrations - [Amazon API Gateway](https://www.g2.com/products/amazon-api-gateway/reviews) - [Amazon AWS Platform](https://www.g2.com/products/amazon-aws-platform/reviews) - [Amazon CloudFront](https://www.g2.com/products/amazon-cloudfront/reviews) - [Amazon EC2](https://www.g2.com/products/amazon-ec2/reviews) - [Amazon Lightsail](https://www.g2.com/products/amazon-lightsail/reviews) - [AWS Auto Scaling](https://www.g2.com/products/aws-auto-scaling/reviews) - [AWS CloudTrail](https://www.g2.com/products/aws-cloudtrail/reviews) - [AWS Elastic Load Balancing](https://www.g2.com/products/aws-elastic-load-balancing/reviews) - [AWS Lambda](https://www.g2.com/products/aws-lambda/reviews) ## AWS WAF Features **Analysis** - Logging and Reporting - Issue Tracking - Security Monitoring **Controls** - Application-Layer Controls - Traffic Controls - Network Controls **Functionality** - API / Integrations - Extensibility - Bot Traffic **Generative AI** - AI Text Summarization ## Top AWS WAF Alternatives - [F5 NGINX](https://www.g2.com/products/f5-nginx/reviews) - 4.6/5.0 (106 reviews) - [Sucuri](https://www.g2.com/products/sucuri/reviews) - 3.3/5.0 (47 reviews) - [ModSecurity](https://www.g2.com/products/modsecurity/reviews) - 4.2/5.0 (14 reviews)