
Best Web Application Firewalls (WAF)

Researched and written by Lauren Worth

Web application firewalls (WAF) are designed to protect web applications by filtering and monitoring incoming traffic. These tools analyze the hypertext transfer protocol (HTTP) traffic as it comes in, identifying traffic anomalies and blocking potentially malicious traffic.

Companies use these tools in conjunction with additional application security software to better protect operational web applications. Traditional firewall software controls traffic between servers; a WAF differs by filtering traffic and content attempting to access a specific web-based application.

To qualify for inclusion in the Web Application Firewalls (WAF) category, a product must:

  • Inspect traffic flow at the application level
  • Filter HTTP traffic for web-based applications
  • Block attacks such as SQL injections and cross-site scripting (XSS)

Best Web Application Firewalls (WAF) At A Glance

G2 takes pride in showing unbiased reviews on user satisfaction in our ratings and reports. We do not allow paid placements in any of our ratings, rankings, or reports. Learn about our scoring methodologies.

87 Listings in Web Application Firewall (WAF) Available
Radware Cloud WAF
(102) 4.6 out of 5
1st Easiest To Use in Web Application Firewall (WAF) software
  • Product Description (provided by the seller)

    Radware Cloud WAF is a fully managed Cloud Application Protection Service providing the industry's most comprehensive web application security solution. The service integrates Radware's Cloud WAF, API

    Users: No information available
    Industries
    • Information Technology and Services
    • Computer & Network Security
    Market Segment
    • 44% Enterprise
    • 41% Mid-Market
  • Radware Cloud WAF Pros and Cons
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    • Protection: 31
    • WAF (Web Application Firewall): 25
    • Cybersecurity: 21
    • Customer Support: 20
    • Real-time Monitoring: 19
    Cons
    • Difficult Reporting: 10
    • Learning Difficulty: 10
    • Complex Setup: 7
    • Expensive: 7
    • Limited Customization: 7
  • Radware Cloud WAF features and usability ratings that predict user satisfaction
    • Has the product been a good partner in doing business?: 9.0 (Average: 8.7)
    • Traffic Controls: 8.9 (Average: 9.0)
    • Security Monitoring: 9.2 (Average: 8.9)
    • Issue Tracking: 8.8 (Average: 8.6)
  • Seller Details
    Seller: Radware
    Year Founded: 1997
    HQ Location: Tel Aviv, Tel Aviv
    Twitter: @radware (12,480 Twitter followers)
    LinkedIn®: 1,569 employees on LinkedIn®
Cloudflare Application Security and Performance
(586) 4.5 out of 5
Optimized for quick response
5th Easiest To Use in Web Application Firewall (WAF) software
Entry Level Price: Free
  • Product Description (provided by the seller)

    Cloudflare is the connectivity cloud for the "everywhere world," on a mission to help build a better Internet. We provide a unified platform of networking, security, and developer services delivered f

    Users
    • Web Developer
    • Software Engineer
    Industries
    • Information Technology and Services
    • Computer Software
    Market Segment
    • 62% Small-Business
    • 27% Mid-Market
    User Sentiment
    These insights, currently in beta, are compiled from user reviews and grouped to display a high-level overview of the software.
    • Cloudflare is a cybersecurity and content delivery network service that offers features such as bot management, rate limiting, custom policies, DDoS mitigation, and API protection to enhance application security and performance.
    • Reviewers like the robust platform, strong security, developer-friendly tools, fast content delivery, and user-friendly dashboard that Cloudflare offers, along with its ability to protect websites from bots, prevent spam, and improve website speed.
    • Reviewers noted occasional outages affecting many users, overly strict security settings blocking legitimate users, limited customer support, confusing account management, and complex customization as some of the drawbacks of using Cloudflare.
  • Cloudflare Application Security and Performance Pros and Cons
    Pros
    • Security: 38
    • Ease of Use: 36
    • Features: 35
    • DDoS Protection: 24
    • Performance: 24
    Cons
    • Expensive: 15
    • Complex User Interface: 14
    • Complex Setup: 12
    • Poor Customer Support: 12
    • Complexity: 11
  • Cloudflare Application Security and Performance features and usability ratings that predict user satisfaction
    • Has the product been a good partner in doing business?: 8.8 (Average: 8.7)
    • Traffic Controls: 8.9 (Average: 9.0)
    • Security Monitoring: 9.1 (Average: 8.9)
    • Issue Tracking: 8.5 (Average: 8.6)
  • Seller Details
    Year Founded: 2009
    HQ Location: San Francisco, California
    Twitter: @Cloudflare (260,643 Twitter followers)
    LinkedIn®: 6,320 employees on LinkedIn®

HAProxy
(681) 4.7 out of 5
Optimized for quick response
4th Easiest To Use in Web Application Firewall (WAF) software
Entry Level Price: FREE Open Source
  • Product Description (provided by the seller)

    HAProxy is an open-source software load balancer and reverse proxy for TCP, QUIC, and HTTP-based applications. It provides high availability, load balancing, and best-in-class SSL processing. HAPr

    Users
    • DevOps Engineer
    • Software Engineer
    Industries
    • Information Technology and Services
    • Computer Software
    Market Segment
    • 42% Mid-Market
    • 36% Enterprise
    User Sentiment
    • HAProxy is a load balancing and reverse proxy software that distributes network traffic across multiple servers.
    • Users like HAProxy for its reliable performance, high availability, easy configuration, scalability, flexibility, and its open-source nature, which allows for easy access and use.
    • Users experienced complexity in configuring HAProxy, especially for advanced use cases, and some found the user interface could be improved for non-technical users.
  • HAProxy Pros and Cons
    Pros
    • Ease of Use: 137
    • Load Balancing: 126
    • Reliability: 123
    • Performance: 108
    • Configuration Ease: 71
    Cons
    • Difficult Configuration: 63
    • Learning Difficulty: 56
    • Complex Setup: 55
    • Complex Configuration: 47
    • Complexity: 44
  • HAProxy features and usability ratings that predict user satisfaction
    • Has the product been a good partner in doing business?: 9.1 (Average: 8.7)
    • Traffic Controls: 9.0 (Average: 9.0)
    • Security Monitoring: 8.1 (Average: 8.9)
    • Issue Tracking: 8.2 (Average: 8.6)
  • Seller Details
    Seller: HAProxy
    Year Founded: 2013
    HQ Location: Newton, MA
    Twitter: @HAProxy (21,281 Twitter followers)
    LinkedIn®: 129 employees on LinkedIn®
Check Point CloudGuard WAF
(46) 4.4 out of 5
9th Easiest To Use in Web Application Firewall (WAF) software
  • Product Description (provided by the seller)

    CloudGuard WAF is a cloud-native Web and API security solution designed to help users safeguard their applications from both known and unknown threats. By leveraging advanced contextual AI, this solut

    Users: No information available
    Industries
    • Computer & Network Security
    • Information Technology and Services
    Market Segment
    • 65% Mid-Market
    • 22% Small-Business
  • Check Point CloudGuard WAF Pros and Cons
    Pros
    • Protection: 27
    • Security: 24
    • DDoS Protection: 18
    • Cybersecurity: 17
    • Setup Ease: 14
    Cons
    • Complex Setup: 15
    • Expensive: 11
    • Learning Difficulty: 10
    • Difficult Learning Curve: 8
    • Poor Documentation: 8
  • Check Point CloudGuard WAF features and usability ratings that predict user satisfaction
    • Has the product been a good partner in doing business?: 8.9 (Average: 8.7)
    • Traffic Controls: 8.9 (Average: 9.0)
    • Security Monitoring: 9.4 (Average: 8.9)
    • Issue Tracking: 8.7 (Average: 8.6)
  • Seller Details
    Year Founded: 1993
    HQ Location: San Carlos, CA
    Twitter: @CheckPointSW (70,967 Twitter followers)
    LinkedIn®: 8,323 employees on LinkedIn®
FortiAppSec Cloud
  • Product Description (provided by the seller)

    FortiAppSec Cloud - the next evolution of FortiWeb Cloud - simplifies and strengthens web application security and delivery across your cloud environments. This SaaS platform secures network availabil

    Users: No information available
    Industries
    • Information Technology and Services
    • Computer & Network Security
    Market Segment
    • 68% Mid-Market
    • 20% Enterprise
  • FortiAppSec Cloud Pros and Cons
    Pros
    • Protection: 7
    • Security: 7
    • Cybersecurity: 6
    • Deployment Speed: 5
    • Reliability: 5
    Cons
    • Complex Configuration: 6
    • Complex Setup: 5
    • Limited Customization: 5
    • Difficult Reporting: 4
    • Poor Reporting: 4
  • FortiAppSec Cloud features and usability ratings that predict user satisfaction
    • Has the product been a good partner in doing business?: 9.3 (Average: 8.7)
    • Traffic Controls: 8.3 (Average: 9.0)
    • Security Monitoring: 9.2 (Average: 8.9)
    • Issue Tracking: 8.2 (Average: 8.6)
  • Seller Details
    Seller: Fortinet
    Year Founded: 2000
    HQ Location: Sunnyvale, CA
    Twitter: @Fortinet (151,446 Twitter followers)
    LinkedIn®: 15,801 employees on LinkedIn®
Azion
(26) 4.9 out of 5
8th Easiest To Use in Web Application Firewall (WAF) software
  • Product Description (provided by the seller)

    Azion is the web platform that enables businesses to build, secure, and scale modern applications on a fully managed global infrastructure, with a robust suite of solutions for Application Development

    Users: No information available
    Industries
    • Retail
    Market Segment
    • 38% Enterprise
    • 31% Mid-Market
    User Sentiment
    • Azion is a content and security acceleration tool that provides edge computing and digital security solutions.
    • Users frequently mention the tool's robust protection for web applications, quick support response times, and the flexibility and reliability of the platform, which instills trust and confidence in clients.
    • Users experienced a lack of features for integration with Web3, NFTs, and related voice, face, and crypto market services, and some found the administration console not user-friendly and the new products not fully production-ready.
  • Azion Pros and Cons
    Pros
    • Customer Support: 10
    • Ease of Use: 8
    • Easy Integrations: 7
    • Reliability: 7
    • Performance: 6
    Cons
    • Missing Features: 2
    • Complexity: 1
    • Difficult Learning: 1
    • Difficult Learning Curve: 1
    • Expensive: 1
  • Azion features and usability ratings that predict user satisfaction
    • Has the product been a good partner in doing business?: 9.4 (Average: 8.7)
    • Traffic Controls: 9.5 (Average: 9.0)
    • Security Monitoring: 9.3 (Average: 8.9)
    • Issue Tracking: 9.3 (Average: 8.6)
  • Seller Details
    Seller: Azion
    Year Founded: 2011
    HQ Location: Palo Alto, California, United States
    LinkedIn®: 199 employees on LinkedIn®
AWS WAF
(68) 4.3 out of 5
15th Easiest To Use in Web Application Firewall (WAF) software
  • Product Description (provided by the seller)

    AWS WAF (Web Application Firewall) is a security service designed to protect web applications and APIs from common web exploits and bots that can compromise security, affect availability, or consume e

    Users: No information available
    Industries
    • Information Technology and Services
    • Computer Software
    Market Segment
    • 35% Enterprise
    • 35% Small-Business
  • AWS WAF Pros and Cons
    Pros
    • WAF (Web Application Firewall): 2
    • Cloud Integration: 1
    • Custom Rules: 1
    • Cybersecurity: 1
    • DDoS Protection: 1
    Cons
    • Complex Configuration: 1
    • Expensive: 1
    • Ineffective Blocking: 1
  • AWS WAF features and usability ratings that predict user satisfaction
    • Has the product been a good partner in doing business?: 8.8 (Average: 8.7)
    • Traffic Controls: 8.7 (Average: 9.0)
    • Security Monitoring: 8.9 (Average: 8.9)
    • Issue Tracking: 8.0 (Average: 8.6)
  • Seller Details
    Year Founded: 2006
    HQ Location: Seattle, WA
    Twitter: @awscloud (2,218,835 Twitter followers)
    LinkedIn®: 152,002 employees on LinkedIn®
    Ownership: NASDAQ: AMZN
Fastly Next-Gen WAF
(29) 4.2 out of 5
10th Easiest To Use in Web Application Firewall (WAF) software
  • Product Description (provided by the seller)

    The Fastly Next-Gen WAF provides advanced protection for your applications, APIs, and microservices, wherever they live, from a single unified solution. Built on Fastly’s proprietary SmartParse detect

    Users: No information available
    Industries: No information available
    Market Segment
    • 48% Mid-Market
    • 38% Enterprise
  • Fastly Next-Gen WAF Pros and Cons
    Pros
    • Ease of Use: 1
    • Easy Integrations: 1
    • Security: 1
    • SSL Encryption: 1
    Cons
    • Expensive: 1
    • Inflexible Pricing: 1
  • Fastly Next-Gen WAF features and usability ratings that predict user satisfaction
    • Has the product been a good partner in doing business?: 9.1 (Average: 8.7)
    • Traffic Controls: 8.1 (Average: 9.0)
    • Security Monitoring: 9.0 (Average: 8.9)
    • Issue Tracking: 8.1 (Average: 8.6)
  • Seller Details
    Seller: Fastly
    Year Founded: 2011
    HQ Location: San Francisco, CA
    Twitter: @fastly (29,019 Twitter followers)
    LinkedIn®: 1,348 employees on LinkedIn®
    Ownership: NYSE: FSLY
(22)4.9 out of 5
3rd Easiest To Use in Web Application Firewall (WAF) software
Save to My Lists
Entry Level Price:Starting at £11,907.02
  • Overview
    Expand/Collapse Overview
  • Product Description
    How are these determined?Information
    This description is provided by the seller.

    An application security platform (ASP) designed by IT users angry and frustrated with the time-to-manage complex legacy application delivery and WAF products. TR7's friendly design, dynamic flow-panel

    Users
    No information available
    Industries
    No information available
    Market Segment
    • 50% Enterprise
    • 41% Mid-Market
    User Sentiment
    How are these determined?Information
    These insights, currently in beta, are compiled from user reviews and grouped to display a high-level overview of the software.
    • TR7 is a product that delivers load balancing and WAF capabilities, addressing both performance and security needs, and provides L7 DDoS protection.
    • Users frequently mention the product's user-friendly interface, fast performance, and the exceptional responsiveness and helpfulness of the support team.
    • Reviewers mentioned minor bugs in the user interface and the lack of built-in documentation or self-service learning resources for new administrators.
  • TR7 ASP Pros and Cons
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Customer Support
    11
    Load Balancing
    8
    Ease of Use
    7
    Reliability
    7
    Configuration Ease
    6
    Cons
    Complexity
    1
    Complex Setup
    1
    Difficult Setup
    1
    Limited Customization
    1
    Limited Features
    1
  • TR7 ASP features and usability ratings that predict user satisfaction
    10.0
    Has the product been a good partner in doing business?
    Average: 8.7
    9.6
    Traffic Controls
    Average: 9.0
    9.7
    Security Monitoring
    Average: 8.9
    9.5
    Issue Tracking
    Average: 8.6
  • Seller Details
    Seller
    TR7
    Year Founded
    2020
    HQ Location
    Ankara, TR
    LinkedIn® Page
    www.linkedin.com
    33 employees on LinkedIn®
  • Product Description
    This description is provided by the seller.

    Azure Web Application Firewall is a cloud-native security service designed to protect web applications and APIs from common web vulnerabilities and attacks, such as SQL injection and cross-site script

    Users
    No information available
    Industries
    • Information Technology and Services
    • Computer Software
    Market Segment
    • 41% Enterprise
    • 41% Mid-Market
  • Azure Web Application Firewall features and usability ratings that predict user satisfaction
    9.1
    Has the product been a good partner in doing business?
    Average: 8.7
    8.1
    Traffic Controls
    Average: 9.0
    8.5
    Security Monitoring
    Average: 8.9
    8.1
    Issue Tracking
    Average: 8.6
  • Seller Details
    Seller
    Microsoft
    Year Founded
    1975
    HQ Location
    Redmond, Washington
    Twitter
    @microsoft
    13,084,579 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    226,132 employees on LinkedIn®
    Ownership
    MSFT
(33)4.8 out of 5
6th Easiest To Use in Web Application Firewall (WAF) software
Entry Level Price: $99.00
  • Product Description
    This description is provided by the seller.

    AppTrana API is a fully managed API security platform that provides continuous API discovery, automated vulnerability detection, and real-time protection against API attacks. It combines 24/7 AI-drive

    Users
    No information available
    Industries
    • Computer Software
    • Information Technology and Services
    Market Segment
    • 55% Mid-Market
    • 24% Small-Business
  • AppTrana Pros and Cons
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Protection
    11
    Cybersecurity
    9
    WAF (Web Application Firewall)
    8
    Bot Detection
    5
    DDoS Protection
    5
    Cons
    Difficult Reporting
    2
    Complex Setup
    1
    Expensive
    1
    Learning Difficulty
    1
    Poor Documentation
    1
  • AppTrana features and usability ratings that predict user satisfaction
    9.6
    Has the product been a good partner in doing business?
    Average: 8.7
    9.6
    Traffic Controls
    Average: 9.0
    9.8
    Security Monitoring
    Average: 8.9
    9.6
    Issue Tracking
    Average: 8.6
  • Seller Details
    Seller
    Indusface
    Year Founded
    2012
    HQ Location
    Vadodara
    Twitter
    @Indusface
    3,496 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    169 employees on LinkedIn®
(107)4.6 out of 5
7th Easiest To Use in Web Application Firewall (WAF) software
Entry Level Price: Starting at $2500 per ...
  • Product Description
    This description is provided by the seller.

    NGINX, Inc. is the company behind NGINX, the popular open source project trusted by more than 400 million sites. We offer a suite of technologies for developing and delivering modern applications. The

    Users
    • Software Engineer
    Industries
    • Information Technology and Services
    • Computer Software
    Market Segment
    • 42% Small-Business
    • 40% Mid-Market
  • F5 NGINX Pros and Cons
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Configuration Ease
    1
    Cons
    This product has not yet received any negative sentiments.
  • F5 NGINX features and usability ratings that predict user satisfaction
    9.1
    Has the product been a good partner in doing business?
    Average: 8.7
    9.0
    Traffic Controls
    Average: 9.0
    9.1
    Security Monitoring
    Average: 8.9
    8.9
    Issue Tracking
    Average: 8.6
  • Seller Details
    Seller
    F5
    HQ Location
    Seattle, Washington
    Twitter
    @F5Networks
    1,389 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    6,155 employees on LinkedIn®
(24)4.6 out of 5
11th Easiest To Use in Web Application Firewall (WAF) software
  • Product Description
    This description is provided by the seller.

    F5 BIG-IP Advanced Web Application Firewall (Advanced WAF) is built on proven F5 technology to proactively detect and mitigate bots, secure credentials and sensitive data, and defend against applicati

    Users
    No information available
    Industries
    • Banking
    • Information Technology and Services
    Market Segment
    • 54% Enterprise
    • 33% Mid-Market
  • F5 BIG-IP Advanced Web Application Firewall (Advanced WAF) features and usability ratings that predict user satisfaction
    8.7
    Has the product been a good partner in doing business?
    Average: 8.7
    8.6
    Traffic Controls
    Average: 9.0
    9.0
    Security Monitoring
    Average: 8.9
    7.8
    Issue Tracking
    Average: 8.6
  • Seller Details
    Seller
    F5
    HQ Location
    Seattle, Washington
    Twitter
    @F5Networks
    1,389 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    6,155 employees on LinkedIn®
  • Product Description
    This description is provided by the seller.

    Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. Unlike traditional load balancers that operate at the transport layer (Layer 4), A

    Users
    • DevOps Engineer
    • Software Engineer
    Industries
    • Information Technology and Services
    • Computer Software
    Market Segment
    • 47% Enterprise
    • 33% Mid-Market
  • Azure Application Gateway Pros and Cons
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Ease of Use
    6
    Scalability
    5
    Cost Efficiency
    4
    Features
    4
    Integrations
    4
    Cons
    Complexity
    5
    Cost Issues
    3
    Learning Difficulty
    3
    Not User-Friendly
    3
    Complexity Issues
    2
  • Azure Application Gateway features and usability ratings that predict user satisfaction
    8.8
    Has the product been a good partner in doing business?
    Average: 8.7
    9.2
    Traffic Controls
    Average: 9.0
    9.4
    Security Monitoring
    Average: 8.9
    8.6
    Issue Tracking
    Average: 8.6
  • Seller Details
    Seller
    Microsoft
    Year Founded
    1975
    HQ Location
    Redmond, Washington
    Twitter
    @microsoft
    13,084,352 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    226,132 employees on LinkedIn®
    Ownership
    MSFT
(47)3.3 out of 5
13th Easiest To Use in Web Application Firewall (WAF) software
Entry Level Price: $9.99 - $69.93 Per mon...
  • Product Description
    This description is provided by the seller.

    Sucuri is a managed security service provider for websites. Our cloud-based tools provide complete website security solution, including performance optimization via a CDN, mitigation of external attac

    Users
    • Owner
    Industries
    • Information Technology and Services
    Market Segment
    • 83% Small-Business
    • 6% Mid-Market
  • Sucuri Pros and Cons
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Affordable
    1
    Features
    1
    Pricing
    1
    WAF (Web Application Firewall)
    1
    Web Hosting
    1
    Cons
    Complex Setup
    1
    Ineffective Blocking
    1
    Poor Customer Support
    1
    Security Issues
    1
    Server Downtime
    1
  • Sucuri features and usability ratings that predict user satisfaction
    7.1
    Has the product been a good partner in doing business?
    Average: 8.7
    6.0
    Traffic Controls
    Average: 9.0
    6.7
    Security Monitoring
    Average: 8.9
    5.8
    Issue Tracking
    Average: 8.6
  • Seller Details
    Seller
    GoDaddy
    Year Founded
    1997
    HQ Location
    Scottsdale, AZ
    Twitter
    @GoDaddy
    275,650 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    8,781 employees on LinkedIn®
    Ownership
    NYSE:GDDY

Learn More About Web Application Firewalls (WAF)


What is Web Application Firewall (WAF) Software?

WAF software products are used to protect web applications and websites from threats or attacks. The firewall monitors traffic between users, applications, and other internet sources. These tools are effective in defending against cross-site request forgery (CSRF), cross-site scripting (XSS), SQL injection, DDoS attacks, and many other kinds of attacks.

These software solutions provide automatic defense and allow administrative control over rule sets and customization since some applications may have unique traffic trends, zero-day threats, or web application vulnerabilities. These tools also provide logging features to document and analyze attacks, incidents, and normal application behaviors.

Companies with web applications should use WAF tools to ensure all weak spots in the application itself are covered. Without a WAF, many threats may go undetected, and data leakage may occur. WAFs have become an obligatory component of any business-critical web application containing sensitive information.

Key Benefits of Web Application Firewall (WAF) Software

  • Protection against web-based threats
  • Historical documentation of incidents and events
  • Elastic, scalable web application protection


Why Use Web Application Firewall (WAF) Software?

There are a variety of benefits associated with WAF tools and ways they can boost the security of applications deployed online. Most of the reasoning behind WAF usage rests on the generally accepted belief that web-based threats should be a concern for all businesses. Therefore, all businesses deploying web-based applications should be sure they are doing all they can to defend against the myriad cyberthreats that exist today.

Some of the numerous threats WAF products can help defend against include:

  • Cross-Site Scripting (XSS) — Cross-site scripting (XSS) is an attack in which a malicious script is injected into a website, so that the web application itself delivers the malicious code to its visitors. Malicious scripts can be used to access information such as cookies, session tokens, and other sensitive data collected by web browsers.
  • Injection Flaws — Injection flaws are vulnerabilities that allow attackers to send code through an application to another system. The most common type is SQL injection. In this scenario, an attacker finds a point at which the web application passes input through to a database, gets their code executed there, and can begin querying whatever information they want.
  • Malicious File Execution — Malicious file execution is accomplished when an attacker is able to input malicious files that are uploaded to the web server or application server. These files can be executed upon upload and completely compromise an application server.
  • Insecure Direct Object Reference — Insecure direct object reference occurs when user input can directly access an application's internal components. These vulnerabilities can allow attackers to bypass security protocols and access resources, files, and data directly.
  • Cross-Site Request Forgery (CSRF) — CSRF attacks force users to execute actions on a web application the user has permission to access. These attacks can make users unwittingly submit requests that may damage the web application or change their credentials to something the attacker can reuse to gain access to the application at a future date.
  • Information Leakage — Information leakage can occur when unauthorized parties are able to access databases or visit URLs that are not linked from the site. Attackers may be capable of accessing sensitive files such as password backups or unpublished documents.
  • Improper Error Handling — Error handling refers to preprogrammed measures that allow applications to dismiss unexpected events without exposing sensitive information. Improper error handling leads to a number of issues, including the release of data, vulnerability exposure, and application failure.
  • Broken Authentication — Broken authentication is the result of improper credential management functions. If authentication measures fail to function, attackers can walk past security measures without valid identification. This can lead to attackers gaining direct access to entire networks, servers, and applications.
  • Session Management — Session management errors occur when attackers manipulate or capture the tokenized ID provided to authenticated visitors. Attackers can impersonate generic users or target privileged users to gain access control and hijack an application.
  • Insecure Cryptographic Storage — Cryptographic storage is used to authenticate and protect communications online. Attackers may identify and obtain unencrypted or poorly encrypted resources that may contain sensitive information. Proper encryption typically protects against this, but poor key storage, weak algorithms, and flawed key generation may put sensitive data at risk.
  • Insecure Communications — Insecure communications occur when messages exchanged between clients and servers become visible. Poor network firewalls and network security policies can give attackers easy access, whether by gaining access to a local network or carrier device or by installing malware on a device. Once applications are exploited, individual user information and other sensitive data become extremely vulnerable.
  • Failure to Restrict URL Access — Applications may fail to restrict URL access to unauthorized parties who attempt to visit unlinked URLs or files without permission. Attackers may bypass security by directly accessing URLs containing sensitive information or data files. URL restriction can be accomplished by utilizing page tokens or encrypting URLs so that access is denied unless users reach restricted pages through approved navigational paths.


Who Uses Web Application Firewall (WAF) Software?

The actual individuals using application firewalls are software developers and security professionals. The developer will typically build and implement the firewall, while it is maintained and monitored by security operations teams. Still, there are a few industries that may be more inclined to use WAF tools for various purposes.

Internet Businesses — Internet businesses are a natural fit for WAF tools. They often have one or multiple public-facing web applications and various internal web apps for employee use. Both of these kinds of applications should be guarded by some kind of firewall, as well as additional layers of security. While nearly all modern businesses use web applications in some capacity, internet-centric businesses are more susceptible to attacks simply because they likely possess more web apps.

E-Commerce Professionals — E-commerce professionals and e-commerce businesses that build their own online tools should be using WAF technology. Many e-commerce applications are managed by some kind of SaaS provider, but custom-built tools are incredibly vulnerable without an application firewall. E-commerce businesses that fail to protect their applications put the data of their visitors, customers, and business on the line.

Compliance-Required Industries — Industries that require a higher level of compliance for data security should use a web application firewall for any application that communicates with a server or network with access to sensitive information. The most common business types with increased compliance requirements include health care, insurance, and energy industries. But many countries and localities have expanded IT compliance requirements across industries to prevent data breaches and the release of sensitive information.


Web Application Firewall (WAF) Software Features

Some WAF products may be geared toward specific applications, but most share a similar set of core security features and capabilities. The following are a handful of common features to look for when considering the adoption of WAF tools.

Logging and Reporting — Provides required reports to manage the business. Provides adequate logging to troubleshoot and support auditing.

Issue Tracking — Tracks security issues as they arise and manages various aspects of the mitigation process.

Security Monitoring — Detects anomalies in functionality, user accessibility, traffic flows, and tampering.

Reporting and Analytics — Provides documentation and analytical capabilities for data gathered by the WAF product.

Application-Layer Control — Gives user-configurable WAF rules, such as application control requests, management protocols, and authentication policies, to increase security.

Traffic Control — Limits access to suspicious visitors and monitors for traffic spikes to prevent overloads like DDoS attacks.

Network Control — Lets users provision networks, deliver content, balance loads, and manage traffic.