Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)
  • 0
  • 4

What is your primary use case for AWS WAF?

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

PeerSpot user
18 Answers
Kavin Kalaiarasu - PeerSpot reviewer
Security Analyst at M2P Fintech
Real User
Top 10
Oct 13, 2022

We partner with many banks in India, and many partners use our portals to access their credit card or debit card information. So we use AWS WAF to protect our web application servers, app servers, and API servers from any malicious attacks which arise from the public internet. We also use AWS WAF for virtual patching of our servers to prevent any malicious requests from reaching the gateway to our internal systems.

Search for a product comparison
Regional Security Team Lead at a computer software company with 1,001-5,000 employees
Real User
Aug 23, 2022

We use this solution to protect our web applications against common vulnerabilities. The CDN component is also quite powerful. We use this solution alongside Azure WAF.

Trivikram Rajendreaprabhu - PeerSpot reviewer
Senior security engeneer at a media company with 1,001-5,000 employees
Real User
Top 5
Jul 19, 2022

We primarily use this solution for monitoring and blocking to ensure protection against application layer attacks. These include application-related core rules, database-specific attacks, Linux-based attacks and some custom rules deployed. These rules assist us in blocking specific attacks that come from the internet into our cloud infrastructure.

Cloud architect at a tech vendor with 1-10 employees
Real User
Top 10
Dec 29, 2021

We use this product for our web application firewall. It is used for production services. I am not a direct customer but I have installed it for one of my clients.

Principal Cloud Architect at a tech services company with 51-200 employees
Real User
Top 20
Dec 28, 2021

We use AWS WAF to prevent cyberattacks, such as SQL Injection attacks and cross-site scripting attacks. The end users' traffic has more threats and the web application gives good support.

Engineer at a renewables & environment company with 1,001-5,000 employees
Real User
Top 20
Dec 20, 2021

At the moment, it's just myself working with AWS WAF in my company, and our use case for it is normal, or what you would expect from a Web Application Firewall. That includes basic DoS blocking and malicious IP address blocking. It's not a big thing for us, and just takes care of our baseline security.

Learn what your peers think about AWS WAF. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
654,218 professionals have used our research since 2012.
Solution Architect at a non-profit with 10,001+ employees
Real User
Top 20
Aug 11, 2021

While I cannot say for certain, I believe that we are using the latest version.

DanielSeco - PeerSpot reviewer
Jefe subdepartamento Operaciones at a government with 10,001+ employees
Real User
Top 5
Apr 17, 2021

I primarily use the solution as a gateway service and a transaction portal.

AWS Security Specialist at a tech services company with 501-1,000 employees
Real User
Top 20
Mar 9, 2021

We use this solution for online web applications.

Rodrigo Garcia - PeerSpot reviewer
Physical Designer at Semtech Corporation
Real User
Nov 11, 2020

The regular use case is basically for blocking or giving access to different vendors to different domains. We also use it for managing and identifying the attacks and new rules that we should implement for our public domains to tune up the application firewall or tool, whatever makes more sense for us. We're using it through the web console and API. We're just using the managed service.

President at a tech services company with 1-10 employees
Real User
Sep 13, 2020

My whole business is cloud cost management. What I do is help people manage expenses. That encompasses everything from cleaning up software as a service subscriptions to optimizing AWS. My use cases for AWS WAF have to do with cloud research only.

Vinamra Singhai - PeerSpot reviewer
Principal Engineer at Nineleaps Technology
Real User
Aug 5, 2020

There are two things that we primarily use AWS WAF (Amazon Web Services Web Application Firewall) for. One use is within the company. Within the company, the intended use is to deploy our applications. It is like working with the cloud. We can start an application in S3 (Simple Storage Service), and use profiles for access to data. The other use is that most of our clients use a similar infrastructure. They are either using AWS, Azure or maybe Google Cloud Platform (GCP). We deploy this solution for them. Both uses are different. One is for the cloud solutions like AWS, Azure and GCP, and one is for the local server access. That is how you want to secure a server. You are securing a server, database, app servers, and ATA gateways. The other one is for implementing security for the AWS. You want to have both running side-by-side. Let me give you an example. Suppose, most of the people working for your company are connected from external locations with company-provided laptops or systems. I want to check all devices to make sure that they are being used in a secure way and not creating any breach of security. Those checks cannot be taken care of reliably from the AWS perspective. This is why you need two solutions.

it_user1376373 - PeerSpot reviewer
Cloud security Consultant at 8KMiles
Jul 5, 2020

A primary use case example is when a customer from the cloud wants to expose his applications to the internet. We make sure that the clients, the applications, whatever they're trying to export, are public but that it's not going directly public. We make a backup, for instance, to protect the sellers and applications from security checks, etc.

it_user753234 - PeerSpot reviewer
IT Governance at Globecast
Real User
Mar 22, 2020

Our primary use case is to protect our internal web solution. We use it to have an internal application for our customers. We are an SME worldwide company, so we have some internal website solutions architects that use this as an internal portal to the internet. We apply a WAF front to our web application.

Principal Consultant at a tech services company with 10,001+ employees
Feb 5, 2020

We are a technical services company and this is one of the solutions that we have helped implement for our clients. We stopped using AWS about six months ago and as such, we are not currently using the AWS Web Application Firewall.

MohammedAbourafia - PeerSpot reviewer
Manager, IT Infrastructure & Information Security at flyadeal
Real User
Dec 5, 2019

I'm a manager and in charge of IT infrastructure and information security for an airline company. We're a customer of AWS WAF. We use the product to protect the websites that our customers access to book flights. It provides the sites with DDoS protection and OWASP top 10 application security.

Head of Digital Product Office at a energy/utilities company with 10,001+ employees
Real User
Sep 8, 2019

We primarily use the solution for its rich insights to improve customer experience.

AdviseIT67 - PeerSpot reviewer
Cloud Architect at Tata Consultancy Services
Real User
Top 20
Sep 5, 2019

The primary use of the solution is for perimeter security. I use it to secure my application and infrastructure.

Related Questions
Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
Dec 1, 2021
How does AWS WAF compare to Microsoft Azure Application Gateway? Which is better and why?
See 1 answer
Dovid Gelber - PeerSpot reviewer
Tech blogger
Dec 1, 2021
Our organization ran comparison tests to determine whether Amazon’s Web Service Web Application Firewall or Microsoft Azure Application Gateway web application firewall software was the better fit for us. We decided to go with AWS WAF, which we found to be a highly scalable solution. In its cloud version, AWS WAF makes use of a concept known as auto-scaling. What this means is that users have the ability to scale the program up or down according to what their needs happen to be at the time. The software does this automatically, without requiring administrators to provide any outside input. This can save organizations a great deal in terms of time and resources. It is true that AWS WAF lacks the ability to integrate with some third-party products. However, even without this ability to integrate, its automated scaling makes it quite robust. Microsoft Azure Application Gateway is also quite scalable. That being said, it is not as effective in this regard as AWS WAF. The scaling provided by Microsoft Azure Application Gateway is not automatic. Administrators are required to manually scale up the product themselves if they want it to handle a larger load. This takes up time and resources that could be spent on other things. AWS WAF has a robust set of security features. Its firewall can protect against different types of cyber-attacks. It can repel both scripting and database-injection attacks. When it does so, it redirects the attack to a Fail2ban program, which marks the IP addresses where the attack originates as unsafe and bans them from the system. This can provide administrators with peace of mind. Microsoft Azure Application Gateway provides administrators with an effective way to protect their systems against attacks. However, it lacks security tools, such as the ability to block harmful IP addresses. As a result, there will be a greater expenditure of time dealing with all of the threats that the program has not simply blocked. Conclusion: While Microsoft Azure Application Gateway is a fairly competent product, we found AWS WAF to be a superior product. AWS WAF’s automated scaling and exceptional security package make it a more robust program.
DevOps Senior Engineer at Fingerhut
Oct 21, 2021
Hello, Has anyone migrated from Akamai services to AWS Cloud front and WAF? Can you please share your experience on this process and on using Amazon CloudFront and AWS WAF? Thanks for the help!
Related Solutions
Download Free Report
Download our free AWS WAF Report and get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
654,218 professionals have used our research since 2012.