Security Intermediate

What is WAF (Web Application Firewall)?

A security solution that filters and monitors HTTP traffic between a web application and the internet, blocking common attacks.

WAFs help block many of the attack classes in the OWASP Top 10, above all injection attacks such as SQL injection and cross-site scripting (XSS); attacks with no distinctive request pattern, such as CSRF and business-logic abuse, are only partly addressed and still need application-side defenses. A WAF operates at the application layer (layer 7): it inspects HTTP requests and responses, decodes and normalizes parameters, and applies rules to detect and block malicious patterns. For HTTPS this means the WAF must either terminate TLS itself or sit behind the component that does. WAFs can be deployed as network appliances, as host-based modules (for example a web server plugin), or as cloud-based services placed in front of the application.

Popular WAFs include Cloudflare WAF, AWS WAF, ModSecurity (open source, usually paired with the OWASP Core Rule Set), and Imperva. Detection techniques include signature-based rules (patterns matching known attacks), rate limiting, IP reputation lists, and bot detection. Signatures can be evaded by encoding or obfuscation and can produce false positives on legitimate input, so rule sets need tuning, typically by running in detection-only mode before switching to blocking. A WAF is a compensating control: it complements but does not replace secure coding practices such as parameterized queries and output encoding.

Related Terms

SQL Injection
An attack where malicious SQL code is inserted into application queries through user input to access or manipulate the database.
DDoS (Distributed Denial of Service)
An attack that floods a target server or network with traffic from multiple sources to overwhelm it and deny service to legitimate users.
JWT (JSON Web Token)
A compact, self-contained token format used for securely transmitting information between parties as a JSON object.
Data Loss Prevention (DLP)
A strategy and set of tools that detect and prevent unauthorized transmission of sensitive data outside an organization.
PKI (Public Key Infrastructure)
A framework of policies, hardware, and software for creating, managing, distributing, and revoking digital certificates.
CSRF (Cross-Site Request Forgery)
An attack that tricks authenticated users into submitting unwanted requests to a web application they are logged into.