WAF
A web application firewall that filters and monitors HTTP traffic between the Internet and a web application, protecting against attacks such as SQL injection and XSS.
What is a WAF?
A WAF (Web Application Firewall) is a security solution that filters, monitors and blocks malicious HTTP/HTTPS traffic directed at web applications. Unlike traditional firewalls operating at layers 3-4 of the OSI model, a WAF operates at layer 7 (application) and understands the structure of HTTP requests, parameters, headers and cookies.
A WAF protects against the most common web application attacks described in the OWASP Top 10: SQL injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), path traversal, remote file inclusion and others. It operates based on rule sets - the most commonly used being the OWASP Core Rule Set (CRS) - which define patterns of malicious requests.
A WAF can be deployed in three ways: as a transparent bridge, as a reverse proxy, or as a module embedded in the web server. Modern WAF solutions are also available as cloud services (Cloudflare WAF, AWS WAF, Azure WAF), which simplifies deployment and management.
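To make the layer-7 inspection and rule-set mechanism concrete, here is an added Python example (not from this page or from any WAF product): a toy inspector that decomposes a request into CRS-style variables (ARGS, REQUEST_HEADERS, REQUEST_COOKIES, REQUEST_URI), applies a hypothetical rule set with anomaly scores, and returns allow or block, with a detection-only mode. The rule patterns, scores and threshold are assumptions and are far simpler than the real OWASP CRS.

```python
import re
from dataclasses import dataclass
from urllib.parse import parse_qsl, unquote, urlsplit
# Hypothetical, deliberately small rule set in the spirit of CRS: (id, pattern, anomaly score).
RULES = [
    ("sqli-union", re.compile(r"(?i)\bunion\b.+\bselect\b"), 5),
    ("sqli-tautology", re.compile(r"(?i)'\s*or\s+\S+\s*=\s*\S+"), 5),
    ("xss-script-tag", re.compile(r"(?i)<\s*script\b"), 5),
    ("path-traversal", re.compile(r"\.\./"), 3),  # below threshold alone: logged, not blocked
]
BLOCK_THRESHOLD = 5  # anomaly scoring: block only once the summed score reaches this value

@dataclass
class Request:
    method: str
    target: str      # path plus query string, as in the HTTP request line
    headers: dict
    body: str = ""

def extract_variables(req):
    """Split the request into the layer-7 parts a WAF inspects, named like CRS variables.
    Values are URL-decoded first, so encoded payloads are matched in their decoded form."""
    parts = urlsplit(req.target)
    variables = {"REQUEST_URI": unquote(parts.path)}
    for k, v in parse_qsl(parts.query, keep_blank_values=True):
        variables[f"ARGS:{k}"] = v
    if req.method == "POST":  # assumes a form-encoded body (constructed example)
        for k, v in parse_qsl(req.body, keep_blank_values=True):
            variables[f"ARGS:{k}"] = v
    for name, value in req.headers.items():
        if name.lower() == "cookie":
            for cookie in value.split(";"):
                cname, _, cval = cookie.strip().partition("=")
                variables[f"REQUEST_COOKIES:{cname}"] = unquote(cval)
        else:
            variables[f"REQUEST_HEADERS:{name}"] = value
    return variables

def inspect(req, blocking=True):
    """Run every rule over every variable. Returns (action, score, matches).
    With blocking=False the WAF is in detection-only mode: matches are reported, nothing is blocked."""
    matches, score = [], 0
    for var, value in extract_variables(req).items():
        for rule_id, pattern, weight in RULES:
            if pattern.search(value):
                matches.append((rule_id, var))
                score += weight
    action = "block" if blocking and score >= BLOCK_THRESHOLD else "allow"
    return action, score, matches
```

Running a new rule set in detection-only mode first, and reviewing what it matches on real traffic, is the usual way to tune rules before switching to blocking.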
Why does it matter?
Web applications are among the most frequently attacked elements of organisational infrastructure. A WAF provides an additional layer of protection that can block attacks even on applications with unpatched vulnerabilities - giving the development team time to deploy fixes. It is important to note that a WAF does not replace secure software development or penetration testing - it is a complement, not a substitute.