Overview
What is a Web Application Firewall?
A web application firewall (WAF) is a specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web service. By inspecting HTTP traffic, it can prevent attacks exploiting a web application’s known vulnerabilities, such as SQL injection, cross-site scripting (XSS), file inclusion, and improper system configuration.
Many of the basic security measures applied in a WAF are supported by the Open Web Application Security Project (OWASP), owasp.org.
Comparisons
Not all WAFs are created equal. Here we want to start evaluating the differences and how much we can delve into them.
F5 is one of the most widely used WAFs that I have seen and used in typical datacenters, but when coming across cloud I have been evaluating the functionality and visibility that Palo Alto Prisma Cloud introduces over the traditional AWS WAF solution (AWS WAF vs Prisma Cloud by Palo Alto Networks comparison).
Let’s go more into a breakdown of the different types and reasons for going with each. Of course I would always opt for something cloud agnostic, but something that does the job and integrates well within your environment.