Web application firewalls are used to safeguard web applications against attackers. They operate as intermediaries between web servers and client devices to intercept HTTP conversations and filter out suspicious traffic while also blocking unauthorized data from leaving the web application.

A WAF can be deployed as software, an appliance or as a service and used by individuals, startups and small/medium-sized businesses alike.


StackPath is an edge computing platform that delivers services and infrastructure at the internet’s edge, including content delivery network services and distributed security services that deliver high performance with total control and scalability.

No matter the speed or scale of your video streaming, e-commerce website or API needs, StackPath CDN offers comprehensive acceleration. In addition, its WAF packages can provide protection from online attacks such as SQL injections, XSS attacks, remote file inclusion and inclusion attacks, CSRF attacks as well as suspicious visitor behavior monitoring.

Stackpath CDN offers several pricing plans designed to fit every budget, and is easy to set up. Their starter package provides 1TB of traffic, a Web Application Firewall with five custom rules and two million DNS requests for $20 per month. Furthermore, its WHMCS module makes offering CDN, DNS and WAF services to your customers even simpler; you can create service packages in WHMCS which automatically apply them against your Stackpath account.


Since 2002, Imperva (formerly Incapsula) has been one of the leading cybersecurity systems providers. Their security products include cloud-based WAF and CDN solutions capable of detecting attacks that bypass traditional firewalls; helping businesses meet compliance standards; offering graphical reports; single pane of glass dashboards; as well as seamless integration with leading SIEM solutions such as Splunk and ArcSight.

Imperva stands apart from traditional WAFs by using site-profile-based detection to differentiate normal traffic from potential attack traffic, thus eliminating false positives while simultaneously improving performance and reducing bandwidth usage. It has proven highly effective against threats like the OWASP top 10, SQL injections, web 2.0 threats such as academic web archiving.

The company provides a secure CDN and DDoS protection combination, equipped with global network servers for content caching, load balancing and website failover. Furthermore, its real time optimization services enhance business operations while optimising networking and content in real time.

Fortinet FortiWeb

Protects web applications, APIs, and mobile apps used for business-to-business communications with its multi-layer defense against OWASP Top-10 Application Attacks, DDoS attacks, and malicious bots. In addition, organizations can monitor public-facing web applications for compliance with government regulations and industry best practices.

FortiWeb combines the features and functions of traditional WAFs with threat detection engines, correlated events and machine learning for bidirectional security against advanced persistent threats. When integrated into Fortinet security fabrics it provides comprehensive protection across application stack.

Product is offered as physical, virtual and container appliances for deployment in data center or cloud environments. Scalable design caters to large enterprises, service providers and carriers while its unified platform reduces deployment costs and simplifies security management – also enabling users to scale performance and capacity as their needs expand. WAF, XML firewall and web traffic acceleration features help businesses improve application performance; its machine learning detection engine detects abnormal behaviors – differentiating between benign and malicious events without producing false positives which drive administrative overhead costs.


AppTrana is an all-encompassing cloud-native WAF solution, which detects application layer threats such as the OWASP Top 10 and Zero-Day vulnerabilities, accelerates website assets, protects against DDoS/Bot attacks, provides managed rules on an ongoing basis to keep up with new risks/threat vectors, and has multi-step anti-attack techniques to stop even sophisticated Layer 7 DDoS/Bot attacks without impacting performance.

WAFs filter both incoming and outgoing traffic to detect and block malicious activity, including SQL injection and cross-site scripting (XSS) attacks that target specific web applications. They look out for common attack patterns like SQL injection and cross-site scripting as indicators that an attack has targeted them, as well as looking out for other indicators like unauthorized access or suspicious Cookie headers to make this determination.

AppTrana provides automated scanning and on-demand manual penetration testing to quickly find vulnerabilities, while providing a 360deg view of security status, custom rule creation/deployment, and round-the-clock monitoring by security experts.