Web Application Firewall - security system that filters HTTP traffic to web applications. Like having a security guard that checks everyone entering a building and blocks suspicious visitors.
E-commerce websites use WAF to block SQL injection attacks and other malicious web traffic automatically.
All four provide managed web application firewall capabilities to filter and block malicious HTTP(S) requests (e.g., SQLi, XSS). AWS WAF commonly attaches to CloudFront/ALB/API Gateway; Azure WAF is typically used with Application Gateway or Front Door; Google Cloud Armor protects apps behind Google Cloud load balancers and integrates with reCAPTCHA Enterprise; OCI WAF protects web apps and APIs in front of OCI services and origins.
Explore real-world architectures from our community that use WAF: