12 top web application firewalls compared

A web application firewall (WAF) is a critical component of an enterprise security infrastructure, providing a key security layer for web-facing applications and APIs.

As web applications mature and become more popular, organizations need to focus more on maintaining a positive security footprint around them. Traditionally, web application security was handled using a combination of the corporate firewall, authentication to an LDAP directory, and a hardened web server in the DMZ network. In a modern infrastructure, where attacks are more sophisticated and cloud-based resources are commonplace, these security measures are often still in place, but can be further enhanced by a web application firewall (WAF).

Web application firewall (WAF) definition

A WAF is a critical component of an enterprise security infrastructure, providing protection between end users and your web application, potentially at multiple layers of the Open Systems Interconnection (OSI) model. Most WAFs offer rule-based protection against application-level attacks such as SQL injection or cross-site scripting, but several of the options on this list also offer features as far down as the IP layer such as DDoS protection and load balancing.

Top web application firewalls

We break down the top 12 web application firewalls, presented in alphabetical order, to help you determine which WAF suites and services best suit your organization’s needs, along with peer review ratings from Gartner PeerInsights.

1. Akamai Kona Site Defender

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!