{"id":7742,"date":"2022-05-03T00:00:00","date_gmt":"2022-05-03T00:00:00","guid":{"rendered":"https:\/\/azure.microsoft.com\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall"},"modified":"2025-06-17T23:49:55","modified_gmt":"2025-06-18T06:49:55","slug":"intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall","status":"publish","type":"post","link":"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/","title":{"rendered":"Intelligent application protection from edge to cloud with Azure Web Application Firewall"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Threat intelligence at scale!<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Changes to how we work and operate our businesses have driven every company to now be a digital company. This acceleration in digital transformation has also led to a rise in security risks. Cyberattacks are becoming more common and advanced with growing attack surfaces due to the proliferation of mobile and IoT devices and increasing cloud adoption. Basic protection measures are no longer sufficient as new attack vectors have emerged and attacks have become more sophisticated with automated and large-scale attacks. To help our customers address these security challenges, we have been evolving <a href=\"https:\/\/azure.microsoft.com\/services\/web-application-firewall\/\" target=\"_self\" rel=\"noopener\">Azure Web Application Firewall (Azure WAF)<\/a>, our cloud-native, self-managed security service to protect your applications and APIs running in Azure or anywhere else\u2014from the network edge to the cloud.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"a-quick-primer-on-azure-waf\">A quick primer on Azure WAF<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">We offer two options\u2014global and regional\u2014for deploying Azure WAF for your applications and APIs.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2022\/05\/3f041c54-e8e9-4cdb-b122-88e50fee0728.webp\" alt=\"Diagram of global and regional WAF\" title=\"\" \/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/docs.microsoft.com\/azure\/web-application-firewall\/afds\/afds-overview\" target=\"_blank\" rel=\"noopener\">Global WAF<\/a>: Azure WAF attaches to Azure Front Door, our native, modern cloud content delivery network (CDN), to provide global application acceleration and intelligent security at scale. Azure WAF stops the security attacks at the network edge closer to the source of attack with over hundreds of edge locations around the world.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/docs.microsoft.com\/azure\/web-application-firewall\/ag\/ag-overview\" target=\"_blank\" rel=\"noopener\">Regional WAF<\/a>: Azure WAF attaches to Azure Application Gateway, a highly scalable, web application regional load balancer running in a virtual network. It manages traffic for both internal and external websites and provides application protection in over 60 Azure regions worldwide.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"what-s-changed\">What\u2019s changed?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">We are excited to share recent updates and announce many new features that will offer customers <strong>better security, improved scale, easier deployment, and better management <\/strong>of their applications.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"application-and-api-protection\">Application and API protection<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><strong>Improved security posture with new rulesets<\/strong>: On March 29, we <a href=\"https:\/\/azure.microsoft.com\/updates\/generally-available-the-new-azure-front-door-a-modern-cloud-cdn-service\/\">announced<\/a> the general availability of Managed Default Rule Set 2.0 (DRS 2.0) integrated with Azure Front Door Premium tier. DRS 2.0 includes the latest Microsoft proprietary rules authored by Microsoft Threat Intelligence. Today, on\u00a0regional WAF attached to Azure Application Gateway, we are excited to announce the general availability of Open Web Application Security Project (OWASP)\u00a0Core Rule Set 3.2 (CRS 3.2). These updated rulesets provide increased coverage for web vulnerabilities, reduce false positives, and protect against specific vulnerabilities, like <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2021\/12\/11\/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation\/#WAF\" target=\"_blank\" rel=\"noopener\">Log4J<\/a> and <a href=\"https:\/\/aka.ms\/aznet\/springshell\" target=\"_blank\" rel=\"noopener\">SpringShell<\/a> CVEs.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Anomaly scoring with reduced false positives<\/strong>: Like regional WAF, we also introduced anomaly scoring with DRS 2.0 on global WAF which drastically helps reduce false positives for customer applications. In <a href=\"https:\/\/docs.microsoft.com\/azure\/web-application-firewall\/afds\/waf-front-door-drs?tabs=drs20#anomaly-scoring-mode\" target=\"_blank\" rel=\"noopener\">anomaly scoring<\/a> mode, when an incoming request violates WAF rule, it is assigned an anomaly score based on the severity of the rule, and an action is taken only when the anomaly score reaches a threshold.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Increased size limits<\/strong>: With CRS 3.2, regional WAF can now support request body size inspection up to 2MB and file upload size up to 4GB.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>API security<\/strong>: With DRS 2.0, global WAF now also supports XML and JSON <a href=\"https:\/\/docs.microsoft.com\/azure\/web-application-firewall\/afds\/waf-faq#what-content-types-does-waf-support-\" target=\"_blank\" rel=\"noopener\">content types<\/a> that allow request inspection to secure inbound traffic. Azure WAF on Azure Front Door and Azure Application Gateway seamlessly <a href=\"https:\/\/docs.microsoft.com\/azure\/api-management\/api-management-howto-integrate-internal-vnet-appgateway\" target=\"_blank\" rel=\"noopener\">integrates with Azure API Management<\/a> to provide advanced API management and security features.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Advanced customization with per rule exclusions<\/strong>: As in global WAF, today we are also introducing <a href=\"https:\/\/go.microsoft.com\/fwlink\/?linkid=2189157\" target=\"_blank\" rel=\"noopener\">per rule exclusions<\/a> with CRS 3.2 on regional WAF with Application Gateway.\u00a0 Exclusions allow you to override WAF engine behavior by specifying certain request attributes to omit from rule evaluation. In addition, we now allow attribute exclusions definitions by name or value of header, cookies, and arguments. Exclusions can be applied to a rule, set of rules, rule group, or globally for the entire ruleset, providing increased flexibility to help reduce false positives and meet application-specific requirements. This feature is currently available via Azure portal, Azure Resource Manager, PowerShell, CLI, and SDK.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"bot-protection\">Bot protection<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Bots have become an essential part of our customer\u2019s digital footprint, helping to automate and perform key functions. However, attackers are increasingly taking advantage of this by manipulating bots to carry out malicious tasks. We\u2019re continuously improving our platform capabilities to better protect against bot attacks\u2014bot protection with Bot Manager 1.0 ruleset is available through integration with the Azure Front Door Premium tier. Our bot detection and protection rules are based on Microsoft Threat Intelligence and support bot classification for good, bad, and unknown bots. Bad bots include bots from malicious IP addresses or bots that have falsified identities. The malicious IPs are provided by Microsoft\u2019s Threat Intelligence feed, which is based on feeds from external providers and internal threat intel. For good bots, WAF uses reverse DNS lookups to validate if the user-agent and IP address range match what the agent claims it to be. Bot signatures are dynamically managed and automatically updated by WAF when new threat actors are detected.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"performance-and-scale-with-the-next-generation-of-waf-engine\">Performance and scale with the next generation of WAF engine<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">We are excited to announce the general availability of our next-generation WAF engine on Azure Application Gateway. The new WAF engine, released with CRS 3.2, is a high-performance, scalable Microsoft proprietary engine and has significant improvements over the previous WAF engine.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Benefits of the new Azure WAF engine include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><strong>Improved performance<\/strong>:\u00a0In our test lab, the new engine resulted in significant reduction in WAF latencies when compared with the previous version of engine. We also observed significant reduction in P99 tail latencies with up to ~8 times in processing POST requests and ~4 times reduction processing GET requests.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Increased scale<\/strong>:\u00a0Our next-gen engine can scale up to 8 times more RPS using the same compute power and has the ability to process 16 times larger request sizes (now up to 2MB request size), which was not possible earlier with the previous engine.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Better protection<\/strong>:\u00a0New\u00a0redesigned engine with efficient regex processing offers better protection against RegEx DoS attacks.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Richer feature set<\/strong>: The new engine is available with the CRS 3.2 version. New features and future enhancements will only be available through the new engine and the later versions of CRS. Customers are strongly encouraged to move to CRS 3.2 version. We are in the process of phasing out CRS 2.2.9 and will stop onboarding new customers on the older CRS 2.2.9 version. Existing customers on CRS 2.2.9 will continue to be supported.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">To learn more about the new engine, see <a href=\"https:\/\/go.microsoft.com\/fwlink\/?linkid=2191977\" target=\"_blank\" rel=\"noopener\">WAF engine documentation<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"management-and-monitoring\">Management and monitoring<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><strong>Native consistent experience with WAF policy<\/strong>: Application Gateways WAF v2 now natively utilizes <a href=\"https:\/\/docs.microsoft.com\/azure\/web-application-firewall\/ag\/application-gateway-web-application-firewall-portal\" target=\"_blank\" rel=\"noopener\">regional WAF policy instead of config<\/a> by default, removing the need for the legacy WAF config experience on Azure Application\u00a0Gateway. All the latest features and future enhancements will be available via WAF policies. Application Gateway configuration continues to be supported for existing deployments of v1 and v2 SKUs, but customers are strongly encouraged to migrate to Application Gateway v2 with WAF policies that offer a richer feature set and improved experiences at no additional cost. Azure policies can be shared across multiple application gateway deployments, simplifying the management experience. With Azure policy, customers can easily automate deployment and provisioning of applications using DevOps and APIs friendly tools\u2014Azure Resource Manager, REST API, PowerShell, CLI, and Terraform.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Advanced analytics capabilities<\/strong>: You can now access new <a href=\"https:\/\/docs.microsoft.com\/azure\/web-application-firewall\/ag\/application-gateway-waf-metrics\" target=\"_blank\" rel=\"noopener\">Azure Monitor metrics on regional WAF<\/a> for more effective monitoring, troubleshooting, and debugging. Azure Monitor logs and metrics for WAF can be streamed to a central log platform for advanced log analytics and are further consumed by Microsoft Sentinel and Microsoft Defender for Cloud for security monitoring and alerting. <a href=\"https:\/\/docs.microsoft.com\/azure\/web-application-firewall\/waf-sentinel\" target=\"_blank\" rel=\"noopener\">Microsoft Sentinel integration<\/a> allows security analysts to analyze and correlate data from other sources, detect threats, and automate incidence response. For example, we recently released Sentinel hunting queries to detect and respond to zero-day critical vulnerabilities like\u2014<a href=\"https:\/\/www.microsoft.com\/security\/blog\/2021\/12\/11\/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation\/#Sentinel-queries\" target=\"_blank\" rel=\"noopener\">Log4J Sentinel hunting queries<\/a> and <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2022\/04\/04\/springshell-rce-vulnerability-guidance-for-protecting-against-and-detecting-cve-2022-22965\/#sentinel\" target=\"_blank\" rel=\"noopener\">SpringShell Sentinel hunting queries<\/a>.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Built-in security reports<\/strong>: <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/frontdoor\/standard-premium\/how-to-reports#security-report\" target=\"_blank\" rel=\"noopener\">Security reports<\/a> on Azure Front Door provide powerful visualization of WAF patterns, trends by action, and events by rule types and rule groups. Security threat analysts can view breakdown top events by different dimensions like IP, country, URL, hostname, and user-agent for threat analysis.<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2022\/05\/41cd1bd0-d8e8-4c4b-9700-12317c9886aa.webp\" alt=\"An example of WAF rules trend by action\" title=\"\" \/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><strong>Improved manageability<\/strong>: Azure WAF integration with Azure Firewall Manager is coming soon. With this integration, customers will be able to manage WAF policies at scale for applications hosted on Azure Front Door and Azure Application Gateway platforms.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"get-started-and-share-your-feedback\">Get started and share your feedback<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">You can try Azure WAF with Azure Application Gateway and Azure Front Door today. Visit <a href=\"https:\/\/docs.microsoft.com\/azure\/web-application-firewall\/overview\">Azure WAF documentation<\/a> to learn more. As we continue to enhance the Azure WAF offering, we would love to hear your feedback. Post your ideas and suggestions on the <a href=\"https:\/\/feedback.azure.com\/d365community\/forum\/8ae9bf04-8326-ec11-b6e6-000d3a4f0789\">networking community page<\/a> or email us at <a href=\"mailto:azurewaf@microsoft.com\">azurewaf@microsoft.com<\/a>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Stay safe!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cyberattacks are becoming more common and advanced with growing attack surfaces due to the proliferation of mobile and IoT devices and increasing cloud adoption. To help our customers address these security challenges, we have been evolving Azure Web Application Firewall (Azure WAF), our cloud-native, self-managed security service to protect your applications and APIs running in Azure or anywhere else\u2014from the network edge to the cloud.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ms_queue_id":[],"ep_exclude_from_search":false,"_classifai_error":"","_classifai_text_to_speech_error":"","_alt_title":"","footnotes":"","msx_community_cta_settings":[]},"categories":[1457,1459,1461],"tags":[],"audience":[3053,3056],"content-type":[1465],"product":[1616],"tech-community":[],"topic":[],"coauthors":[199],"class_list":["post-7742","post","type-post","status-publish","format-standard","hentry","category-networking","category-security","category-web","audience-it-decision-makers","audience-it-implementors","content-type-announcements","product-web-application-firewall","review-flag-1-1680286581-825","review-flag-2-1680286581-601","review-flag-3-1680286581-173","review-flag-4-1680286581-250","review-flag-8-1680286581-263","review-flag-9-1680286581-259","review-flag-anywh-1680286580-635","review-flag-gener-1680286584-335","review-flag-iot-1680286585-835","review-flag-microsofts","review-flag-new-1680286579-546"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Intelligent application protection from edge to cloud with Azure Web Application Firewall | Microsoft Azure Blog<\/title>\n<meta name=\"description\" content=\"Cyberattacks are becoming more common and advanced with growing attack surfaces due to the proliferation of mobile and IoT devices and increasing cloud adoption. To help our customers address these security challenges, we have been evolving Azure Web Application Firewall (Azure WAF), our cloud-native, self-managed security service to protect your applications and APIs running in Azure or anywhere else\u2014from the network edge to the cloud.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Intelligent application protection from edge to cloud with Azure Web Application Firewall | Microsoft Azure Blog\" \/>\n<meta property=\"og:description\" content=\"Cyberattacks are becoming more common and advanced with growing attack surfaces due to the proliferation of mobile and IoT devices and increasing cloud adoption. To help our customers address these security challenges, we have been evolving Azure Web Application Firewall (Azure WAF), our cloud-native, self-managed security service to protect your applications and APIs running in Azure or anywhere else\u2014from the network edge to the cloud.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Azure Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/microsoftazure\" \/>\n<meta property=\"article:published_time\" content=\"2022-05-03T00:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-06-18T06:49:55+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2022\/05\/3f041c54-e8e9-4cdb-b122-88e50fee0728.webp\" \/>\n<meta name=\"author\" content=\"Gunjan Jain\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@azure\" \/>\n<meta name=\"twitter:site\" content=\"@azure\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Gunjan Jain\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/\"},\"author\":[{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/author\/gunjan-jain\/\",\"@type\":\"Person\",\"@name\":\"Gunjan Jain\"}],\"headline\":\"Intelligent application protection from edge to cloud with Azure Web Application Firewall\",\"datePublished\":\"2022-05-03T00:00:00+00:00\",\"dateModified\":\"2025-06-18T06:49:55+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/\"},\"wordCount\":1411,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2022\/05\/3f041c54-e8e9-4cdb-b122-88e50fee0728.webp\",\"articleSection\":[\"Networking\",\"Security\",\"Web\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/\",\"url\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/\",\"name\":\"Intelligent application protection from edge to cloud with Azure Web Application Firewall | Microsoft Azure Blog\",\"isPartOf\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2022\/05\/3f041c54-e8e9-4cdb-b122-88e50fee0728.webp\",\"datePublished\":\"2022-05-03T00:00:00+00:00\",\"dateModified\":\"2025-06-18T06:49:55+00:00\",\"description\":\"Cyberattacks are becoming more common and advanced with growing attack surfaces due to the proliferation of mobile and IoT devices and increasing cloud adoption. To help our customers address these security challenges, we have been evolving Azure Web Application Firewall (Azure WAF), our cloud-native, self-managed security service to protect your applications and APIs running in Azure or anywhere else\u2014from the network edge to the cloud.\",\"breadcrumb\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/#primaryimage\",\"url\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2022\/05\/3f041c54-e8e9-4cdb-b122-88e50fee0728.webp\",\"contentUrl\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2022\/05\/3f041c54-e8e9-4cdb-b122-88e50fee0728.webp\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Blog home\",\"item\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Networking\",\"item\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/category\/networking\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Intelligent application protection from edge to cloud with Azure Web Application Firewall\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/#website\",\"url\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/\",\"name\":\"Microsoft Azure Blog\",\"description\":\"Get the latest Azure news, updates, and announcements from the Azure blog. From product updates to hot topics, hear from the Azure experts.\",\"publisher\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/#organization\",\"name\":\"Microsoft Azure Blog\",\"url\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2024\/06\/microsoft_logo.webp\",\"contentUrl\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2024\/06\/microsoft_logo.webp\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Azure Blog\"},\"image\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/microsoftazure\",\"https:\/\/x.com\/azure\",\"https:\/\/www.instagram.com\/microsoftdeveloper\/\",\"https:\/\/www.linkedin.com\/company\/16188386\",\"https:\/\/www.youtube.com\/user\/windowsazure\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/#\/schema\/person\/c702e5edd662b328b49b7e1180cab117\",\"name\":\"shakir\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/9342c7c05bb16548741bc5cd3a3e3b7ee0c8e746844ad2cc582db5beb5514c6f?s=96&d=mm&r=g7664e653ea371ce16eaf75e9fa8952c4\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/9342c7c05bb16548741bc5cd3a3e3b7ee0c8e746844ad2cc582db5beb5514c6f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/9342c7c05bb16548741bc5cd3a3e3b7ee0c8e746844ad2cc582db5beb5514c6f?s=96&d=mm&r=g\",\"caption\":\"shakir\"},\"sameAs\":[\"https:\/\/azure.microsoft.com\"],\"url\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/author\/shakir\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Intelligent application protection from edge to cloud with Azure Web Application Firewall | Microsoft Azure Blog","description":"Cyberattacks are becoming more common and advanced with growing attack surfaces due to the proliferation of mobile and IoT devices and increasing cloud adoption. To help our customers address these security challenges, we have been evolving Azure Web Application Firewall (Azure WAF), our cloud-native, self-managed security service to protect your applications and APIs running in Azure or anywhere else\u2014from the network edge to the cloud.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/","og_locale":"en_US","og_type":"article","og_title":"Intelligent application protection from edge to cloud with Azure Web Application Firewall | Microsoft Azure Blog","og_description":"Cyberattacks are becoming more common and advanced with growing attack surfaces due to the proliferation of mobile and IoT devices and increasing cloud adoption. To help our customers address these security challenges, we have been evolving Azure Web Application Firewall (Azure WAF), our cloud-native, self-managed security service to protect your applications and APIs running in Azure or anywhere else\u2014from the network edge to the cloud.","og_url":"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/","og_site_name":"Microsoft Azure Blog","article_publisher":"https:\/\/www.facebook.com\/microsoftazure","article_published_time":"2022-05-03T00:00:00+00:00","article_modified_time":"2025-06-18T06:49:55+00:00","og_image":[{"url":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2022\/05\/3f041c54-e8e9-4cdb-b122-88e50fee0728.webp","type":"","width":"","height":""}],"author":"Gunjan Jain","twitter_card":"summary_large_image","twitter_creator":"@azure","twitter_site":"@azure","twitter_misc":{"Written by":"Gunjan Jain","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/#article","isPartOf":{"@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/"},"author":[{"@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/author\/gunjan-jain\/","@type":"Person","@name":"Gunjan Jain"}],"headline":"Intelligent application protection from edge to cloud with Azure Web Application Firewall","datePublished":"2022-05-03T00:00:00+00:00","dateModified":"2025-06-18T06:49:55+00:00","mainEntityOfPage":{"@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/"},"wordCount":1411,"commentCount":0,"publisher":{"@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/#organization"},"image":{"@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/#primaryimage"},"thumbnailUrl":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2022\/05\/3f041c54-e8e9-4cdb-b122-88e50fee0728.webp","articleSection":["Networking","Security","Web"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/","url":"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/","name":"Intelligent application protection from edge to cloud with Azure Web Application Firewall | Microsoft Azure Blog","isPartOf":{"@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/#primaryimage"},"image":{"@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/#primaryimage"},"thumbnailUrl":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2022\/05\/3f041c54-e8e9-4cdb-b122-88e50fee0728.webp","datePublished":"2022-05-03T00:00:00+00:00","dateModified":"2025-06-18T06:49:55+00:00","description":"Cyberattacks are becoming more common and advanced with growing attack surfaces due to the proliferation of mobile and IoT devices and increasing cloud adoption. To help our customers address these security challenges, we have been evolving Azure Web Application Firewall (Azure WAF), our cloud-native, self-managed security service to protect your applications and APIs running in Azure or anywhere else\u2014from the network edge to the cloud.","breadcrumb":{"@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/#primaryimage","url":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2022\/05\/3f041c54-e8e9-4cdb-b122-88e50fee0728.webp","contentUrl":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2022\/05\/3f041c54-e8e9-4cdb-b122-88e50fee0728.webp"},{"@type":"BreadcrumbList","@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog home","item":"https:\/\/azure.microsoft.com\/en-us\/blog\/"},{"@type":"ListItem","position":2,"name":"Networking","item":"https:\/\/azure.microsoft.com\/en-us\/blog\/category\/networking\/"},{"@type":"ListItem","position":3,"name":"Intelligent application protection from edge to cloud with Azure Web Application Firewall"}]},{"@type":"WebSite","@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/#website","url":"https:\/\/azure.microsoft.com\/en-us\/blog\/","name":"Microsoft Azure Blog","description":"Get the latest Azure news, updates, and announcements from the Azure blog. From product updates to hot topics, hear from the Azure experts.","publisher":{"@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/azure.microsoft.com\/en-us\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/#organization","name":"Microsoft Azure Blog","url":"https:\/\/azure.microsoft.com\/en-us\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2024\/06\/microsoft_logo.webp","contentUrl":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2024\/06\/microsoft_logo.webp","width":512,"height":512,"caption":"Microsoft Azure Blog"},"image":{"@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/microsoftazure","https:\/\/x.com\/azure","https:\/\/www.instagram.com\/microsoftdeveloper\/","https:\/\/www.linkedin.com\/company\/16188386","https:\/\/www.youtube.com\/user\/windowsazure"]},{"@type":"Person","@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/#\/schema\/person\/c702e5edd662b328b49b7e1180cab117","name":"shakir","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/9342c7c05bb16548741bc5cd3a3e3b7ee0c8e746844ad2cc582db5beb5514c6f?s=96&d=mm&r=g7664e653ea371ce16eaf75e9fa8952c4","url":"https:\/\/secure.gravatar.com\/avatar\/9342c7c05bb16548741bc5cd3a3e3b7ee0c8e746844ad2cc582db5beb5514c6f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9342c7c05bb16548741bc5cd3a3e3b7ee0c8e746844ad2cc582db5beb5514c6f?s=96&d=mm&r=g","caption":"shakir"},"sameAs":["https:\/\/azure.microsoft.com"],"url":"https:\/\/azure.microsoft.com\/en-us\/blog\/author\/shakir\/"}]}},"msxcm_display_generated_audio":false,"msxcm_animated_featured_image":null,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Azure Blog","distributor_original_site_url":"https:\/\/azure.microsoft.com\/en-us\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/posts\/7742","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/comments?post=7742"}],"version-history":[{"count":1,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/posts\/7742\/revisions"}],"predecessor-version":[{"id":42188,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/posts\/7742\/revisions\/42188"}],"wp:attachment":[{"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/media?parent=7742"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/categories?post=7742"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/tags?post=7742"},{"taxonomy":"audience","embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/audience?post=7742"},{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/content-type?post=7742"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/product?post=7742"},{"taxonomy":"tech-community","embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/tech-community?post=7742"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/topic?post=7742"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/coauthors?post=7742"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}