Cloud based Web Application Firewalls

Introductory documentation on what WAF solutions are available in our public cloud providers
web application firewall (or WAF) filters, monitors, and blocks HTTP/S to and from a web application or API. A WAF is differentiated from a regular firewall in that a WAF is able to filter the content of specific web applications while regular firewalls serve as a safety gate between servers. By inspecting HTTP traffic, it can prevent attacks stemming from web application security flaws, such as Injection attacks, Cross Site Scripting(XSS), file inclusion, and security misconfigurations.  A good list of types of attacks that a WAF can help with can be found in the OWASP (Open Web Application Security Project) Top 10 List.

Each of our cloud vendors have a WAF solution available to protect your assets in the cloud.  Each has a pricing model associated with them so please look at that and how it will impact your cloud spend.


AWS WAF and blocking the OWASP top 10 attacks

Azure WAF


GCP Cloud Armor (WAF and DDOS solution):

If you have any questions, feedback or ideas please Contact Us

Commonly Referenced Docs:

UW Madison Public Cloud Team Events
Online Learning Classes for Cloud Vendors
What Data Elements are allowed in the Public Cloud

KeywordsAWS GCP Azure WAF   Doc ID103029
OwnerKelly R.GroupPublic Cloud
Created2020-06-12 14:21:43Updated2021-11-08 09:48:36
SitesPublic Cloud
Feedback  0   0