Web Application Firewall, also known as a WAF, is a security appliance that blocks traffic from entering a cloud environment. WAF’s can be setup with rules to block traffic from geographic regions or blacklisted IP addresses etc. WAF’s are usually deployed in front of a load balancer or API Gateway so that all traffic is evaluated before it is allowed to ingress into the cloud. Many of the major cloud providers offer a WAF as a service offering, for example AWS WAF, Azure WAF and Google Cloud Armor. WAF’s can protect a business from a denial of service attack and can be configured by administrators.
What do we mean by this?
The moat around your application.