Public preview: Application Gateway web application firewall
The web application firewall (WAF) in Azure Application Gateway helps protect web applications from common web-based attacks like SQL injection, cross-site scripting attacks, and session hijacks. It comes preconfigured with protection from threats identified by the Open Web Application Security Project (OWASP) as the top 10 common vulnerabilities.
The firewall is simple to deploy and provides logging to continuously monitor web applications against exploits. Customers can run Application Gateway WAF in both protection and detection-only modes. This public preview feature is being offered as part of the WAF tier.
For more information, please see the Application Gateway web application firewall documentation.