Help the communities most affected by the California wildfires in only a few minutes. We'll donate $10 for every review you submit.

Best Web Application Firewall (WAF) Software

Web application firewalls (WAF) are designed to protect web apps by filtering and monitoring incoming traffic. These tools analyze HTTP traffic as it comes in, blocking potentially malicious traffic and identifying traffic anomalies. Companies use these tools in conjunction with additional application security software to better protect operational web applications. These tools differ from traditional firewalls, which control traffic between servers, by filtering traffic and content attempting to access a specific web-based application.

To qualify for inclusion in the Web Application Firewalls (WAF) category, a product must:

  • Inspect traffic flow at the application level
  • Filter HTTP traffic for web-based applications
  • Block attacks such as SQL injections and cross-site scripting
Filters
Star Rating

Web Application Firewall (WAF) reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.

Compare Web Application Firewall (WAF) Software
Results: 28
    G2 Crowd takes pride in showing unbiased ratings on user satisfaction. G2 Crowd does not allow for paid placement in any of our ratings.
    Sort By:

    Cloudbric is a cloud-based web security provider, offering an award-winning Web Application Firewall (WAF), DDoS protection, and SSL. Cloudbric offers security primarily to startup and SMB websites that lack cybersecurity experience or can't afford expensive IT security solutions. Cloudbric’s services are free for all websites with less than 4GB of bandwidth per month. We charge based on amount of web traffic, making Cloudbric perfect for SMEs and new startups. Our services are military-grade protection for the little guy.


    The NGINX Application Platform is a suite of products that together form the core of what organizations need to create applications with performance, reliability, security, and scale. The NGINX Application Platform includes NGINX Plus for load balancing and application delivery, the NGINX WAF for security, and NGINX Unit to run the application code, all monitored and managed by the NGINX Controller. NGINX is the heart of the modern web — helping the world’s most innovative companies deliver their sites and applications with performance, reliability, security, and scale. The company offers an award-winning, comprehensive application delivery platform in use on more than 300 million sites worldwide. Companies around the world rely on NGINX to ensure flawless digital experiences through features such as advanced load balancing, web and mobile acceleration, security controls, application monitoring, and management. More than half of the Internet’s busiest websites rely on NGINX, including Airbnb, Box, Instagram, Netflix, Pinterest, SoundCloud, and Zappos. The company is headquartered in San Francisco, with its EMEA headquarters in Cork, Ireland and APAC headquarters in Singapore. Learn more at https://www.nginx.com/


    Eliminate application vulnerabilities and stop data breaches. You depend on applications everyday. They are how your customers and partners connect with you, and they are how your employees get their jobs done. Unfortunately, your applications remain one of the most commonly exploited threat vectors. Barracuda WAF protects your web, mobile and API applications from being compromised, and prevents data breaches— ensuring you maintain your reputation and your customer's confidence.


    Citrix Web App Firewall is a web application firewall (WAF) that protects web applications and sites from both known and unknown attacks, including all application-layer and zero-day threats.


    Cloudflare’s enterprise-class web application firewall (WAF) protects your Internet property from common vulnerabilities like SQL injection attacks, cross-site scripting, and cross-site forgery requests with no changes to your existing infrastructure.


    AppSecure is a suite of application security capabilities for Juniper Networks SRX Series Services Gateways that identifies applications for greater visibility, enforcement, control, and protection of the network.


    AppWall is a web application firewall (WAF) and network security solution that guarantees fast, reliable and secure web applications.


    FortiWeb WAF is a comprehensive, high-performance web application security service.



    Web Application Protector is designed to safeguard web assets from web application and DDoS attacks, while improving performance.


    WAF is a cloud firewall service that protects core website data and safeguards the security and availability of your site


    Application Security is a network security software that provides safeguards against unauthorized access and malicious application attacks.


    Arxan Application Protection offers protection and management solutions for IoT, mobile, and other applications.


    A comprehensive web application firewall (WAF) that protects apps and data from known and unknown threats, defends against bots that bypass standard protections, and virtually patches app vulnerabilities.


    Help protect your critical data from hacking, phishing, site scraping, cross-site scripting and parameter tampering, with CenturyLink Web Application Firewall services.


    Comodo cWatch Web is a managed security service for websites and applications that combines a Web Application Firewall (WAF) provisioned over a secure Content Delivery Network (CDN).


    DenyAll is a french software editor specialized in Web Application Firewall (WAF) and vulnerability scanners.


    dotDefender is a web application security solution (a Web Application Firewall, or WAF) that offers strong, proactive security for websites and web applications. dotDefender can handle .NET Security issues.


    Identify and protect production applications from common attacks and vulnerability exploits in real-time.


    WAF enables effective protection against XSS (Cross-Site Scripting) attacks, SQL injections, and zero-day exploits. Also, it enables blocking the activity of suspicious bots stealing the contents. The protection rules are user-definable and the protection is active round the clock. The WAF functionality is addressed to all website owners.


    KEMP’s Application Firewall Pack (AFP)* combines Layer 7 Web Application Firewall protection with other application delivery services including intelligent load balancing, intrusion detection, intrusion prevention as well as edge security and authentication. KEMP WAF provides continuous protection against vulnerabilities with daily rule updates based on threat intelligence and research from information security provider, Trustwave.


    Defends against the latest attacks, data breaches and helps eliminate downtime. The WAF serves as an essential part of any defense-in-depth security architecture by providing advanced inspection and specialized security for the web application layer. The WAF can operate as a standalone unit or in conjunction with the ADS Series for defense-in-depth security.


    Qualys WAF is an integrated web application firewall (WAF) and web application scanning (WAS) solution.


    SecureSphere Web Application Firewall (WAF) analyzes all user access to business-critical web applications and protects applications and data from cyber attacks.


    The World's pioneering Cyber Security solution designed exclusively to protect websites against hackers.


    SES WAF offers the highest standards in a web application firewall. It stands impregnable before your web applications and data. The more precious and personal the data, the more important it is: SES WAF allows nothing and no-one to get to what you want to protect.


    Venusense Web Application Firewall (WAF) is a new generation of Web security protection and application delivery product developed by Venustech. It mainly provides HTTP/HTTPS traffic analysis for Web servers, prevents attacks aimed at Web application vulnerabilities, optimizes Web application accesses to improve the availability, performance, and security of Web/network protocol based applications and ensure the quick, secure, and reliable delivery of Web service applications.


    WAPPLES is capable of combating the newest threats, including attacks often utilized in Advanced Persistent Threats (APT) launched by malicious agents to obtain data assets of governments and enterprises or for terrorism or political gains.