Try our new research platform with insights from 80,000+ expert users

AWS WAF Valuable Features

reviewer1340643 - PeerSpot reviewer
Security Engineer at a computer software company with 1,001-5,000 employees
Some valuable features of AWS WAF include its seamless integration and ease of orchestration within the AWS platform. We are an AWS-focused organization, so most of our workloads run on AWS, making integration effortless. Although AWS WAF is not stateful, it offers a time-saving solution with its custom rulesets that enhance security and simplify management. View full review »
Kavin Kalaiarasu - PeerSpot reviewer
Security Analyst at M2P Fintech

The cloud-native nature of AWS is crucial since most of our workload is in AWS, making AWS WAF native to Amazon Web Services. This aspect is the most important reason for switching to AWS WAF. 

Additionally, the ease of creating and enforcing new rules and studying them is a valuable feature for me. I switched from other vendors to prioritize AWS WAF for better control within our infrastructure.

View full review »
EN
OCI/AWS Consultant at a government with 11-50 employees

AWS WAF acts as a barrier, analyzing HTTP communications between external users and web applications. It gives flexibility in HTTP communication, which is a feature I like.

View full review »
Buyer's Guide
AWS WAF
July 2025
Learn what your peers think about AWS WAF. Get advice and tips from experienced pros sharing their opinions. Updated: July 2025.
860,632 professionals have used our research since 2012.
reviewer2143125 - PeerSpot reviewer
Director of Security Architecture at a healthcare company with 10,001+ employees

We integrate AWS WAF with several platforms within cloud hosting and other security solutions and provisions in our business. Regarding AI, it's been around for about 20 years, so it's not new. It's just a new buzzword. I've been in security for 30 years and remember using AI when I started 25-30 years ago. We have multiple forms of AI within our business.

View full review »
Sita Thomas - PeerSpot reviewer
Associate Vice President - Engineering at Fedo.ai

One of the most valuable features of AWS WAF is its ability to filter web app traffic, allowing us to specify conditions such as IP addresses and HTTP headers. We can create rules accordingly to prevent attacks, like SQL injection and cross-site scripting. AWS WAF, combined with firewall manager, enhances security by allowing us to specify security rules. Custom rules are useful for allowing access to specific traffic, and AWS WAF handles false positives by limiting requests from certain IPs or setting geographic match conditions.

View full review »
AK
AWS DevOps SRE/Infrastructure Engineer at YES!Delft

The automation of blocking for security attacks is valuable, with AWS applying rate limiting. The custom rules depend on rate limiting and origin address to secure infrastructure. OWASP integration with reverse proxy APIs like Kong API supports security against potential attacks.

View full review »
Rohit Kesharwani - PeerSpot reviewer
Manager, Engineering at 7-Eleven

Our retail application is vulnerable to a lot of bot attacks. AWS WAF helps mitigate different kinds of bot attacks and SQL injection that happen within the retail industry.

View full review »
AshishGautam - PeerSpot reviewer
IT Project Manager at Rajiv Gandhi Cancer Institute In India

Due to security concerns or reasons, I recommend others to use AWS WAF and control the requests from multiple countries from a hacking point of view.

View full review »
Abdul Qayyum - PeerSpot reviewer
Software Architect at Vodworks

The most valuable feature of AWS WAF is its highly configurable rules system. You can set up rules based on specific criteria like SQL injection, general web threats, and even advanced features like DDoS protection and region-based blocking. The richness of available rules, including options for custom rule configurations from third-party partners, enhances its effectiveness.

View full review »
UU
Manager - Cyber Security and SOC at Continental Tire

The ease of deployment of the product is valuable to me. AWS WAF might be one of the easiest WAFs that can be deployed. The only constraint is that our application must be running in AWS.

View full review »
Manikandan-R - PeerSpot reviewer
Senior Project Manager at Synopsys Inc

Rule groups are valuable. We use it for DDoS. We do customizations with the help of Managed Rules in AWS. We use AWS WAF’s API to automate security tasks. The rule creation is similar to automation. We have enough understanding of how things work. It’s been one year since we have automated the tasks.

View full review »
Aditya Mehta - PeerSpot reviewer
Director at AM Equipment & Services Private Limited

AWS WAF is very easy to use and configure on AWS. It is easy to make rules and very fast to set it up on AWS.

View full review »
Aravind D - PeerSpot reviewer
Senior Cloud Engineer at ASSA ABLOY Group

WAF filters based on IPs. If hackers try to insert bugs, the tool blocks it.

View full review »
KO
DevOps Engineer at SEKAI

The most valuable feature is that it is very easy to configure. It just takes a couple of minutes. 

View full review »
reviewer1953606 - PeerSpot reviewer
Senior Administrator at a media company with 51-200 employees

The most valuable feature of AWS WAF is the OWASP filtering rules. They filter a lot of attacks out. Moreover, the service includes DDoS protection.

View full review »
IP
Group IT Manager at Civcns

Custom rules are valuable to us. We have country-specific rules that we apply. The solution meets all our requirements. We never had a problem with the tool. The interface is good. We never had downtime. The solution does its job.

View full review »
Akshit Malik - PeerSpot reviewer
Junior Associate - IT at a tech services company with 201-500 employees

The addition of managed tools that help us create customizable rules. In case we want to block a particular request, we can make use of those rules.

View full review »
RG
Chief Technology Officer at GyFTR - Vouchagram India Pvt Ltd

The web solution effectively protects from vulnerabilities and cyber attacks. 

The solution is menu driven and operates with no coding.

It is easy to manage and use the solution. 

View full review »
Kavin Kalaiarasu - PeerSpot reviewer
Security Analyst at M2P Fintech

I believe the most impressive features are integration and ease of use. The best part of AWS WAF is the cloud-native WAF integration. There aren't any hidden deployments or hidden infrastructure which we have to maintain to have AWS WAF. AWS maintains everything; all we have to do is click the button, and WAF will be activated. Any packet coming through the internet will be filtered through. 

View full review »
Adrian Milea - PeerSpot reviewer
Raiffeisen at Raiffeisen Bank Romania

The most important aspect for us is that AWS WAF is easy to deploy. The ease of implementation, ease of management, and flexibility are great. We like the potential for pay as you grow as you have instant deployment, infrastructure as a code, or any other automation tools that can leverage these deployments. The most important thing for us is that it stays flexible and scalable. That is true not only with WAF but with all the cloud services where you can provision any product in minutes. 

With the cloud, you have these integrated tools that provide a single glass pane. 

You have automation, ease of export, or ease of seeing the logs and exporting to a SIEM; these aspects are also great. The agility is great for us in terms of cloud services in general.

Usually, if we're talking about standard WAF, this is easy to deploy and is good at protecting low to medium applications.

View full review »
reviewer2231622 - PeerSpot reviewer
Infrastructure Engineer

The most valuable feature is the capability to limit access based on geographical location by restricting specific IP addresses.

View full review »
KU
Linux admin at Ameex Technologies

AWS WAF is a firewall we use from time to time in my company.

View full review »
Aravindhan Suresh - PeerSpot reviewer
DevOps Engineer at Hippo Video

What I like best about AWS WAF is that it's a simple tool, so I could understand the basics of AWS WAF in two to three hours. From the start, I know its purpose and its use case.

AWS WAF also has documentation. It's a user-friendly tool, and it's easy to know how to block the IPs and endpoints.

View full review »
Venkatesh VRH - PeerSpot reviewer
Cloud Security Manager at a computer software company with 501-1,000 employees

AWS WAF is something that someone from a cloud background or cloud security background leverages. If they want to natively use a solution in the cloud, AWS WAF comes in handy. It's very useful for that, and the way we can fine-tune the WAF rules is also nice.

View full review »
reviewer1143783 - PeerSpot reviewer
Advisory and IT Transformation Consultant at a tech services company with 10,001+ employees

The most valuable feature of AWS WAF is the extra layer of security that I have when connecting to my web applications.

View full review »
Trivikram Rajendreaprabhu - PeerSpot reviewer
Senior security engeneer at a media company with 1,001-5,000 employees

The customizable features are good. For example, we can write our own rules and match character and size limits.

View full review »
Prasanth MG - PeerSpot reviewer
Software Engineer at Readyly

The solution allows us to set up rules for blocking malicious requests. We can configure a pool of such sources and choose what to do (allow/block/count) when a request comes from them.

View full review »
reviewer2032722 - PeerSpot reviewer
Security implmentation engineer at a security firm with 51-200 employees

We do not have to maintain the solution. Amazon maintains the product.

View full review »
Dale Ellwood - PeerSpot reviewer
IT Infrastructure Architect at GoSee Travel

The solution's price is affordable compared to Fastly.

View full review »
PC
Independent Consultant at Unaikui

AWS WAF is a great solution. We can host any DB or application on the solution.

View full review »
reviewer1530864 - PeerSpot reviewer
Engineer at a renewables & environment company with 501-1,000 employees

As a basic WAF, it's better than having nothing. So if you need something simple out of the box with default features, AWS WAF is good.

View full review »
reviewer1498707 - PeerSpot reviewer
Solution Architect at a non-profit with 10,001+ employees

I like the scalability, as it provides platform, infrastructure and software as a service. These are the best features. When it comes to the API Gateway, such as Amazon Web Application Framework, the web application will be protected by all industry standard security aspects. We are talking about encryption, firewalls, SSL and TLS. Basically, all web exploit policies and rules will be applied, so that one's web or mobile app can be highly secured.

In terms of hosting the instances, the solution takes care of all necessary scaling to ensure that the application load is balanced. The horizontal or vertical scaling can be automatically removed. As such, AWS provides many services and features. 

View full review »
RG
Physical Designer at Semtech Corporation

The access instruction feature is the most valuable. This is what we use the most.

View full review »
VS
Principal Engineer at a tech services company with 51-200 employees

The most valuable feature is the ability to use the product to enhance security in deploying web applications.  

View full review »
ND
Head of Digital Product Office at a energy/utilities company with 10,001+ employees

The ability to take multiple data sets and match those data sets together is the solution's most valuable feature. The data lake that comes with it is very useful because that allows us to match data sets with different configurations that we wouldn't normally be able to match.

The AI functionality and the machine learning are very good.

View full review »
Uddeshya Kumar - PeerSpot reviewer
Product Owner at SecLogic Limited

All the features are good. AWS Lambda and S3 are valuable tools. We have to use these tools when we build applications.

View full review »
Ashish  Paikrao - PeerSpot reviewer
Cloud Infrastructure Engineer at Pathlock

The product’s availability, ease of configuration, and documentation are valuable.

View full review »
TM
AWS Security Specialist at a computer software company with 1,001-5,000 employees

The most valuable feature of the solution is the ability to integrate central sets. It protects from intrusion attacks such as scripting and SQL injections. 

View full review »
reviewer1399293 - PeerSpot reviewer
Superintendent of Cloud Platforms at a manufacturing company with 1,001-5,000 employees

We preferred the product based on its cost. AWS WAF is an out-of-the-box solution and integrates with the AWS services that we use. It's natively integrated with AWS

View full review »
Prakash-Kumar - PeerSpot reviewer
CEO at Axcess.io

The stability of AWS WAF is valuable.

View full review »
reviewer1940067 - PeerSpot reviewer
Regional Security Team Lead at a computer software company with 1,001-5,000 employees

The simple configuration and the scalability have been most valuable. We are able to scale across all of our different AWS instances.

View full review »
it_user1556748 - PeerSpot reviewer
Jefe subdepartamento Operaciones at a government with 10,001+ employees

We haven't had any issues with the solution so far.

The pricing of the product is very good. They make it very reasonable and it's very easy to afford.

Their technical support has been quite good.

The performance is excellent. It's reliable.

We've found the solution to be quite stable.

View full review »
reviewer1515378 - PeerSpot reviewer
AWS Security Specialist at a tech services company with 501-1,000 employees

The most valuable features are the geo-restriction denials and the web ACL.

I enjoy using it because it is very easy.

Also, it's quite efficient.

View full review »
reviewer1410801 - PeerSpot reviewer
President at a tech services company with 1-10 employees

The best part about it is that it is a cloud solution.  

View full review »
it_user1376373 - PeerSpot reviewer
Cloud security Consultant at 8KMiles

There are two models. One is, you can use the free services which you can download from the AWS website. There is also a paid version, where you can go for individual vendors, like Impala, Fortinet, and different vendors, which helps you to attain the top end web application security. It helps them to update the security patches, etc.

AWS has flexibility in terms of WAF rules. Users can choose from using a free service, which you can do from your own end, or a third-party vendor if you want to as well by choosing a paid version. WAF rules can be managed either by your own self or you can go for a third party.

The best thing with the solution is there is no hard and fast route and when I go for AWS. It's not a monopoly environment.

View full review »
it_user753234 - PeerSpot reviewer
IT Governance at PeerSpot

The most valuable aspect is that it protects our code. It's a bit difficult to overwrite code in our application. It also protects against threats. It's important to protect the code against the threats on the internet. It redirects any threat, any attack, to a Fail2ban mechanism.

View full review »
reviewer1275378 - PeerSpot reviewer
Principal Consultant at a tech services company with 10,001+ employees

The most valuable feature is the scalability because it automatically scales up or scales down as per our requirements.

View full review »
it_user1220484 - PeerSpot reviewer
Manager, IT Infrastructure & Information Security at flyadeal

The best features are the security firewall and the features that protect against database injections or scripting, and against overall OWASP top 10, but I have concerns about the cloud front which doesn't handle bot attacks properly, so it's not as effective as I would like it to be.

View full review »
reviewer1143783 - PeerSpot reviewer
Advisory and IT Transformation Consultant at a tech services company with 10,001+ employees

Fast deployment and auto-manage are the most valuable aspects of the solution. The auto-manage primarily reacts and has to do all the little things like putting in the ACL, etc. 

View full review »
Develope2e0c - PeerSpot reviewer
Developer at a tech services company with 1-10 employees

The customized billing is the most valuable feature.

View full review »
Founder4214 - PeerSpot reviewer
Founder at a consultancy with 1-10 employees

Protection and WAF.

View full review »
Engineera5be - PeerSpot reviewer
Engineer at a tech vendor with 501-1,000 employees
  • It's simple, easy to use.
  • Integration.
View full review »
CL
Senior Information Security Specialist at a tech services company with 1,001-5,000 employees

The most valuable feature is the way it blocks threats to external applications.

View full review »
NetworkAf67c - PeerSpot reviewer
Network Analyst

The most valuable feature is the security, making sure that files are protected, preventing unauthorized users from accessing the system. These are the best.

View full review »
reviewer1234011 - PeerSpot reviewer
Cloud architect at a tech vendor with 1-10 employees

The most valuable feature is that it is integrated with other AWS services.

View full review »
reviewer1230804 - PeerSpot reviewer
Principal Cloud Architect at a tech services company with 51-200 employees

The most valuable features of AWS WAF are its cloud-native and on-demand.

Any customer can leverage AWS WAF immediately, it has a basic set of rules that are available.

View full review »
reviewer939417 - PeerSpot reviewer
IT Auditor & Compliance Officer at a tech vendor with 51-200 employees

AWS WAF has a lot of integrated features and services. For example, there are security services that can be integrated very well for our customers.

View full review »
Buyer's Guide
AWS WAF
July 2025
Learn what your peers think about AWS WAF. Get advice and tips from experienced pros sharing their opinions. Updated: July 2025.
860,632 professionals have used our research since 2012.