๐ŸŽ New User? Get 20% off your first purchase with code NEWUSER20 ยท โšก Instant download ยท ๐Ÿ”’ Secure checkout Register Now โ†’
Menu

Categories

Security Intermediate

What is WAF (Web Application Firewall)?

A security solution that filters and monitors HTTP traffic between a web application and the internet, blocking common attacks.

WAFs target the injection-style attacks that recur in the OWASP Top 10: SQL injection, cross-site scripting (XSS), path traversal, command injection, and similar payloads that can be recognised in the request itself. They sit in front of the application as a reverse proxy or server module, inspect HTTP requests (and optionally responses), normalise the data (URL-decoding, for example) and apply rules to detect and block malicious patterns. Logic flaws such as broken access control or CSRF leave little trace in an individual request, so a WAF offers limited protection there. WAFs can be network-based (an appliance in the traffic path), host-based (a module on the web server), or cloud-based (a hosted reverse proxy in front of the origin).

Popular WAFs include Cloudflare WAF, AWS WAF, ModSecurity (open source, usually paired with the OWASP Core Rule Set), and Imperva. Rule types include signature-based detection (patterns, typically regular expressions, for known attack payloads), rate limiting, IP reputation, and bot detection. Two caveats matter in practice: signatures produce false positives, so new rules are normally run in detection-only mode before they are allowed to block; and attackers routinely evade pattern matching with encoding, case changes, or protocol-level tricks, so a WAF buys time against mass exploitation but does not fix the underlying vulnerability. WAFs complement but do not replace secure coding practices such as parameterised queries, output encoding, and server-side input validation.
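
The following Python program is an added illustration, not code from any WAF product named above, of the three rule types described: an IP-reputation blocklist, a per-client sliding-window rate limit, and signature matching over every attacker-controlled field after URL-decoding. The signatures, rule IDs, sample requests and IP addresses are constructed for the example. It also shows why normalisation matters: the same SQL injection payload is sent plain, URL-encoded and double-encoded, and all three are caught only because decoding is repeated until the value stops changing.

```python
"""Toy WAF request inspector (illustrative; constructed rules and data)."""
import re
import time
from collections import defaultdict, deque
from dataclasses import dataclass, field
from typing import Deque, Dict, Optional
from urllib.parse import unquote_plus

# Constructed signature rules. Real rule sets (e.g. OWASP CRS) are far larger
# and usually combine rules through anomaly scoring instead of one-rule blocks.
SIGNATURES = [
    ("sqli-001", "SQL injection (tautology, UNION SELECT, comment)",
     re.compile(r"""\b(or|and)\b\s*['"\w]*\s*=\s*['"\w]+"""
                r"""|\bunion\b\s+(all\s+)?select\b|--\s|/\*""", re.I)),
    ("xss-001", "Cross-site scripting (script tag, event handler, javascript: URI)",
     re.compile(r"<\s*script\b|\bon[a-z]+\s*=|javascript\s*:", re.I)),
    ("lfi-001", "Path traversal", re.compile(r"\.\./|\.\.\\")),
]


def normalize(value: str, max_rounds: int = 3) -> str:
    """URL-decode repeatedly (bounded) so that %2527 -> %27 -> ' is seen.
    Matching on the raw value lets one layer of encoding bypass every rule."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


@dataclass
class Request:
    client_ip: str
    method: str
    path: str                  # raw request target including query string
    headers: Dict[str, str] = field(default_factory=dict)
    body: str = ""


@dataclass(frozen=True)
class Decision:
    action: str                # "allow" or "block"
    rule_id: Optional[str]     # rule that fired, None when allowed
    reason: str


class Waf:
    def __init__(self, rate_limit: int = 100, window_s: float = 60.0, ip_blocklist=()):
        self.rate_limit = rate_limit
        self.window_s = window_s
        self.ip_blocklist = set(ip_blocklist)
        self._hits: Dict[str, Deque[float]] = defaultdict(deque)

    def _over_rate(self, ip: str, now: float) -> bool:
        """Sliding window: keep only timestamps from the last window_s seconds."""
        window = self._hits[ip]
        while window and now - window[0] >= self.window_s:
            window.popleft()
        window.append(now)
        return len(window) > self.rate_limit

    def inspect(self, req: Request, now: Optional[float] = None) -> Decision:
        now = time.time() if now is None else now
        if req.client_ip in self.ip_blocklist:          # 1. IP reputation (cheapest)
            return Decision("block", "iprep-001", f"{req.client_ip} is on the blocklist")
        if self._over_rate(req.client_ip, now):          # 2. rate limiting
            return Decision("block", "rate-001",
                            f"> {self.rate_limit} requests in {self.window_s:g}s")
        fields = [("path", req.path), ("body", req.body)]  # 3. signatures, post-normalisation
        fields += [(f"header:{k}", v) for k, v in req.headers.items()]
        for name, raw in fields:
            value = normalize(raw)
            for rule_id, desc, pattern in SIGNATURES:
                if pattern.search(value):
                    return Decision("block", rule_id, f"{desc} in {name}")
        return Decision("allow", None, "no rule matched")


def run_demo() -> Dict[str, Decision]:
    """Run constructed sample requests through the inspector (fixed clock)."""
    waf = Waf(rate_limit=3, window_s=60, ip_blocklist={"203.0.113.9"})
    ua = {"User-Agent": "Mozilla/5.0"}
    sqli = "1' OR '1'='1"
    results = {
        "benign": waf.inspect(Request("198.51.100.1", "GET", "/items?id=42", ua), now=0),
        "sqli_plain": waf.inspect(Request("198.51.100.2", "GET", f"/items?id={sqli}", ua), now=0),
        "sqli_encoded": waf.inspect(Request("198.51.100.2", "GET",
                                            "/items?id=1'%20OR%20'1'%3D'1", ua), now=1),
        "sqli_double": waf.inspect(Request("198.51.100.2", "GET",
                                           "/items?id=1%2527%2520OR%2520%25271%2527%253D%25271", ua), now=2),
        "xss_body": waf.inspect(Request("198.51.100.3", "POST", "/comment", ua,
                                        body="text=%3Cscript%3Ealert(1)%3C/script%3E"), now=0),
        "traversal": waf.inspect(Request("198.51.100.3", "GET",
                                         "/download?f=..%2F..%2Fetc%2Fpasswd", ua), now=1),
        "blocklisted": waf.inspect(Request("203.0.113.9", "GET", "/items?id=42", ua), now=0),
    }
    # Four requests from one client within 60 s against a limit of 3: the fourth
    # is rate-limited; a fifth sent after the window has expired is allowed again.
    burst = [waf.inspect(Request("198.51.100.4", "GET", "/", ua), now=t) for t in (0, 1, 2, 3)]
    results["burst_4th"] = burst[-1]
    results["after_window"] = waf.inspect(Request("198.51.100.4", "GET", "/", ua), now=100)
    return results


if __name__ == "__main__":
    for label, d in run_demo().items():
        print(f"{label:13} {d.action:5} {d.rule_id or '-':10} {d.reason}")
```

Run it directly to see each decision. The checks are ordered cheapest first (a set lookup, then a deque, then regexes over every field), which is how real WAFs keep per-request cost down. The broad `or ... =` signature is deliberately crude: a search for a phrase like "cats and dogs=1" would trip it, which is the false-positive problem that makes a detection-only rollout the norm before a rule is set to block.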

Related Terms

Firewall Rules
Configuration entries that define which network traffic is allowed or blocked based on source, destination, port, and protocol.
OWASP Top 10
A regularly updated list of the ten most critical web application security risks, published by the Open Web Application Security Project.
DDoS (Distributed Denial of Service)
An attack that floods a target server or network with traffic from multiple sources to overwhelm it and deny service to legitimate users.
CORS (Cross-Origin Resource Sharing)
A browser security mechanism that controls which web domains can access resources from another domain via HTTP requests.
Input Validation
The process of verifying that user-supplied data meets expected formats, types, and ranges before processing it.
Security Headers
HTTP response headers that instruct browsers to enable security features like XSS protection, framing prevention, and content type enforcement.