A web application firewall, or WAF, is a security tool for monitoring, filtering and blocking incoming and outgoing data packets from a web application or website. WAFs can be host-based, network-based or cloud-based and are typically deployed through reverse proxies and placed in front of an application or website (or multiple apps and sites).
WAFs can run as network appliances, server plugins or cloud services, inspecting each packet and analyzing application layer (Layer 7) logic according to rules to filter out suspicious or dangerous traffic.
WAFs are important for a growing number of organizations that offer products or services online—this includes mobile app developers, social media providers, and digital bankers. A WAF can help you protect sensitive data, such as customer records and payment card data, and prevent leakage.