Trace Id is missing
Skip to main content
Azure

Azure Web Application Firewall

A cloud-native web application firewall (WAF) service that provides powerful protection for web apps.

Try Azure for free Create a pay-as-you-go account
Watch the Azure and Tufin on-demand webinar: Learn how to achieve agility and security with simplified network security management across on-premises and cloud.

Improve security for your web applications

Azure Web Application Firewall is a cloud-native service that protects web apps from common web-hacking techniques such as SQL injection and security vulnerabilities such as cross-site scripting. Deploy the service in minutes to get complete visibility into your environment and block malicious attacks.

Comprehensive protection for the Open Web Application Security Project (OWASP) top 10 security risks

Custom and managed rule sets to prevent malicious attacks at the edge

Real-time visibility into your environment and security alerts

Full REST API support to automate DevOps processes

Protect web apps with managed rule sets

Protect your web applications in just a few minutes with the latest managed and preconfigured rule sets. The Azure Web Application Firewall detection engine combined with updated rule sets increases security, reduces false positives, and improves performance.

Learn more about managed rule sets
Two people having a conversation over a desktop monitor.
A person working at their desk with multiple screens.

Meet security requirements with agentless deployment

Easily deploy Azure Web Application Firewall security with no additional software agent required. Centrally define and customize rules to meet your security requirements, then apply them to protect all your web apps.

Learn how to create and customize rules

Improve visibility into security and analytics

Experience seamless integration with security information event management (SIEM) tools in Azure. Access prebuilt workbooks with Microsoft Sentinel and modify them to fit your organization's needs.

Learn more about integration with Microsoft Sentinel
A team working in a conference room with world clocks.
A person giving a presentation.

Achieve organizational compliance fast

Use Azure Policy to help enforce organizational standards and assess compliance at scale for Web Application Firewall resources. Get an aggregated view to evaluate the overall state of your environment.

Learn more about integration with Azure policy
A worker looking at a Surface device while in the field.

Improve security and optimize performance at the edge

Deploy Azure Web Application Firewall in Azure Front Door for advanced security, scalability, and accelerated delivery of apps to global users.

Explore Azure Front Door
A person working at their desk on a laptop and two monitors.

Monitor security alerts and logs

Use Azure Monitor to track diagnostic information including security alerts and logs that provide detailed reporting on detected threats.

Learn more about integration with Azure Monitor

Comprehensive security and compliance, built in

Get started with an Azure free account

1

Start free. Get USD$200 credit to use within 30 days. While you have your credit, get free amounts of many of our most popular services, plus free amounts of 55+ other services that are always free.

2

After your credit, move to pay as you go to keep building with the same free services. Pay only if you use more than your free monthly amounts.

3

After 12 months, you'll keep getting 55+ always-free services—and still pay only for what you use beyond your free monthly amounts.

Trusted by companies of all sizes

VECOZO
Elvia
Eni

“In our on-premises environment, each security layer was standalone, presented in several dashboards. In Azure, we wanted to focus not only on the available solutions, but also combining their functionalities into a single easy-to-deploy, easy-to-manage, highly secure environment.”

André Beerendonk, Team Manager for IT Operations, VECOZO

Read the story
Two employees working together at a desk

“We need providers like Microsoft that we can trust so we can focus on the business. We use Azure DDoS Protection Standard and Azure Web Application Firewall on Azure Application Gateway to protect our business-critical workloads and data streams across our environment.”

Marius Matonis, Senior Technical Lead, Elvia

Read the story
A bird's eye view of a large river flowing through mountains and towns

Eni gets a competitive edge with hub-and-spoke topology

Italian energy company Eni uses low-latency hub-and-spoke architecture on Azure to enable enterprise-grade controls and meet its high security bar.

Enimbos
Back to tabs

Azure Web Application firewall resources and documentation

Get started

Resources

Frequently asked questions about Azure Web Application Firewall

  • Azure Web Application Firewall is a cloud-native service that protects your web applications from bot attacks and common web vulnerabilities such as SQL injection and cross-site scripting.

  • Yes. Learn how to customize Web Application Firewall rules in the Azure portal.

  • Yes. Enable DDoS protection on Azure Virtual Network where Azure Application Gateway is deployed. This ensures that the Azure DDoS protection service also protects the application gateway virtual IP (VIP).

Ready when you are—let's set up your Azure free account

Try Azure for free