Azure Web Application Firewall
A cloud-native web application firewall (WAF) service that provides powerful protection for web apps
Get better security for your web applications
Help protect your web apps from malicious attacks and common web vulnerabilities, such as SQL injection and cross-site scripting. With the cloud-native Azure web application firewall (WAF) service, deploy in minutes and only pay for what you use.
Protection for the top 10 Open Web Application Security Project (OWASP) security vulnerabilities
Deploy in minutes with improved security in a single click
Customized rules to meet your web app security requirements
Near real-time visibility and alerts through Azure Monitor
Enhance security with high availability and scale
Optimize performance with Azure Web Application Firewall deployed with Azure Front Door. Increase throughput for your global users with edge load balancing and application acceleration. Optimize your web app for high availability and scalability—with built-in auto-scaling and zone redundancy.What is cloud-native Azure Network Security
Get managed rule sets to protect web apps
Help protect web applications from common vulnerabilities and exploits. Easily add and customize new rules to meet your application security requirements. Get a comprehensive list of web app firewall rule schemas and rules based on the OWASP core rule sets (CRS) 3.1/3.0.Belgeleri okuyun
Deploy quickly to keep web apps protected
Easily deploy within minutes with no additional software required. Configure and enable Azure Web Application Firewall on your web application. Then, centrally define your rules and reuse them across all the web apps that you need to protect. Learn how to customize web application firewall rules in the Azure portal.Belgeleri okuyun
Improve cost effectiveness for web app protection
Get competitive pricing for web application protection and pay only for what you use—with no minimum fees and no upfront commitments.
Why trust web application firewall to protect your applications?
Microsoft, siber güvenlik araştırma ve geliştirme çalışmalarına her yıl 1 milyar ABD Dolarını aşan yatırımlar yapıyor.
We employ more than 3500 security experts who are completely focused on securing your data and privacy.
Azure WAF is integrated with Azure Security Center
Get started with Azure Web Application Firewall
Related products for developers
Build, deploy, and scale web apps on a fully managed platform.Daha fazla bilgi edinin
Protect your apps with cloud-native firewalling capabilities—with built-in high availability, unrestricted cloud scalability, and zero maintenance.Daha fazla bilgi edinin
Azure DDoS Protection
Protect your applications from Distributed Denial of Service (DDoS) attacks.Daha fazla bilgi edinin
Trusted by companies of all sizes
Polycom gains scalability and access to global markets
This telecommunications leader uses the growing global network of Azure datacenters to achieve geo-redundancy and high levels of availability, delivering a great VC experience to users.
Global energy company gets an edge with low-latency, hub-and-spoke topology
Italian energy company, Eni, used hub-and-spoke architecture on Azure to get enterprise-grade controls and meet the security bar set by the enterprise.
Security DevOps company simplifies deployments with Azure
WhiteSource, a security DevOps-oriented company, uses the monitoring, availability, and scalability capabilities with Azure to simplify open-source usage management for security and compliance professionals worldwide.
Frequently asked questions about Azure Web Application Firewall
Azure Web Application Firewall is a cloud-native service that protects your web applications from bot attacks and common web vulnerabilities such as SQL injection and cross-site scripting.
Yes. For more information, see the documentation on customizing web application firewall rule groups and rules.
Yes. You can enable DDoS protection on the virtual network where the application gateway is deployed. This setting ensures that the Azure DDoS Protection service also protects the application gateway virtual IP (VIP).