Web Application and API Protection Reviews and Ratings

What is Web Application and API Protection?

Gartner defined Web Application and API Orotection (WAAP) as the evolution of the web application firewall market (WAF), expanding WAF capabilities to four core features: WAF, DDoS protection, bot management and API protection. WAAP development started with cloud-delivered WAF services that were easier to deploy, and from the start bundled WAF with DDoS protection. Slowly, the WAF market evolved to offer more than basic capabilities for bot management and API protection. 2019 marked a tipping point with four vendors acquiring specialized bot mitigation providers. During 2020, Gartner observed improvements related to API security features availability, but also more stringent enterprises’ requirements related to the four core WAAP features.

Products In Web Application and API Protection Market

"Fully complete security firewall option from Sucuri Website Firewall."

This is a fully complete security firewall option which means it covers most threats having to do with our site security. It includes malware cleanup, monitoring and protection options. They supports many type of connections such as FTP, SFTP,SSH and cPanel etc. And server-side scanner automatically scans the back end of the sites which we want for malware detecting.

Read reviews

"Powerful and reliable protection "

For me the most pleasant part was to enjoy the holistic security cycle through security fabrics connecting this to our Fortinet installed base with more than 70 firewalls of all sizes, it was very simple and quite powerful, we had our first weekly report where we observed a null rate of false positives and accurate detection Above the product i can say that the professional services provided were essential to getting the configuration and full understanding, this made it quick and easy. Finally I liked the level of customization that the tool has offering several options even depending on the use and platform of the web resource, it is certainly something that is appreciated.

Read reviews

"Cloudflare WAF has been a valuable service and a supplement to our team's security efforts"

Cloudflare has partnered with our company to provide best-in-class service with an ever-growing portfolio of protections, which help us to appropriately secure and protect our web investments. They've worked well with us and have been very responsive when we've approached them with the tough questions about the latest threats and security intelligence, as well as the simpler things like pricing, configuration assistance or security-related trends in the industry. Their WAF plays an integral role in helping us to stay ahead of the curve, with relation to the latest threats and web-based exploits, helping us to reduce the attack surface dynamically and proactively, with minimal interaction and effort from our team.

Read reviews

"A very modular, high performance, multi platform, easy to deploy "Swiss Army Knife" WAF..."

A very modular, high performance, easy to deploy solution that can cover most the web stacks out there. The product can cover both the high value apps as well as the less visible apps with a single console. It offers a strong baseline protection that can be valuable to most teams. For the more advanced and application specific use cases not covered out of the box there are powerful custom capabilities that can be brainstormed and implemented with the help of professional services as "Advanced Rules".

Read reviews

"Citrix Web App Firewall… Protect business data successfully."

The data security guarantees provided by Citrix Web App Firewall are of the latest generation, they comply with all security systems on the web to avoid data loss regardless of whether users connect from a public network. Citrix Web App Firewall ensures that users cannot share company data, preventing data from falling into the wrong hands. The Citrix Web App Firewall user interface is one of the best on the market, everything is very educational and everyone can use it without requiring help. Citrix Web App Firewall is a software that I use daily in the company or from anywhere to ensure that security is not compromised by cyberattacks that are always very common. I'm always requesting reports from Citrix Web App Firewall so that I can handle security risks and I think they are a bit difficult to read, the user interface is very straightforward, but the reports can be complex.

Read reviews

"Give your Web Application the Security It Deserves"

AWS WAF is one of the best, if not the best, security tool for your Web Applications. This web application firewall helps you to protect your applications from all kinds of web attacks and make it much more safe and secure.

Read reviews

"Imperva WAF is Top Notch"

I am completely satisfied with the support and the account team as they are always responsive.The product works as expected and has matched all of our business outcomes to date. I am always learning something new and expanding the capabilities of the service that we purchased. I also like that we have expanded our engagement with Imperva to add the Advanced BOT Protection and I am looking forward to deploying that and becoming more knowledgeable of the Imperva platform to protect our environment. I can't also not say that we have had some challenges and limitations in some area, but that is more on how the product was purchased by my company and I am constantly working with my Imperva TAM and account team to make this better.

Read reviews

"Best Defender for Securing our Web Applications"

We have been using Multiple BIG-IP Modules for over last 5 years viz. LTM, GTM, DNS and this WAF solution integration and deployment were quite simple. As we know in the current generation we need just more than a Network Firewall or IPS to protect our precious applications from day-to-day attacks and vulnerabilities that creeps up on us - BIG-IP manages this really well with Zero-Day vulnerabilities and well-researched patch releases for this Intelligent ASM.

Read reviews

"Akamai Kona Site Defender is a must for our overall security program!"

Overall, our experience with Akamai Kona Site Defender has been positive. Akamai's support has been able to accommodate everything from short time frame emergency implementations to large global projects. Our company, like many others, is global and with this comes the need to be able to provide support at all hours. Akamai has been able to provide support to meet our change windows, off peak hours, etc.. as well as provide expertise during calls for any part of our Company.

Read reviews

"Imperva WAF - Robust and best security gateway product available in current market"

We are using Imperva WAF from past 8+ years, we have configured Imperva WAF gate way in reverse proxy mode and it is a robust virtual appliance and a very good WAF Product available in market for layer 7 application Load balancing and protection. All web requests, B2B traffic, API traffic flows through our Imperva Gateway with reverse proxy and various rate control policies makes our application secure and we meet all PCI and PII standards.

Read reviews

"Best tool for High Security in application level"

Our experience with Barracuda software has been quite satisfying. The enhanced security of our Web Application and guarantee of no cyber-attacks means a lot to our infrastructure productivity. Moreover, it was very easy for us to set up and its daily usage is also friendly and productive. Thanks, we are happy with the tool.

Read reviews

"Once of the finest WAF for most of the products out there "

Microsoft are one of the pioneers in the technology industry and they have a vast knowledge when it come security in a large scale. They are one of the worlds top brands when it comes to technology. Who better to trust than Microsoft to have your back in our organization. Microsoft Azure Web Application Firewall have a host of security features which will provide protection from malicious virus attacks which are fast increasing due to the current boom in the application over web use due to the Covid 19 crisis. We can be deployed the Azure Web application Fire wall through different approach as mentioned below 1. Azure Application Gateway 2. Azure Front Door 3. Azure Content Azure Front Door was the best suited for us so we went ahead with that. This may wary based on the application and the requirement. Each Azure WAF has it own performance limitation which will also play a major role when choosing which one to go with. It is very flexible when it come to this aspect. I can assure you that Azure front door support both WAF(Web application Firewall) HTTPS,IPv6 and IPv4. One of the best part of this WAF is the deployment time is hardly 5 minutes or even lesser that way it does not impact on much of a downtime during deployment. We as an organization are please with the performance of the product and have a great response from all of our clients. Our organization deals with data migration and our clients major requirement are data security. What is more reassuring for a customer when they know our application are protect but one of the global pioneers in the Information technology Industry

Read reviews

"Best WAF for the ease of management of WEB application security rules that I have seen."

The vendor is really reactive and present for support. One of the best WAF product, I saw for managing protection rules. There is no real DDoS system integrated. For API, oAUTH should be better integrated (still in early integration). Anyway the question is: should a WAF do the work of an API management system? We did not yet really use the programmatically features in production.

Read reviews

" 1187/5000 It can't be easier to implement a WAF"

It really is a very easy platform to manage, despite the complexity that a Web Application Firewall service represents, even for a person with very basic knowledge of infrastructure and application security. If it is important to understand the form that WAF services operate in general terms and understand that it is a cloud of services, today known under different names and forms; Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS). It is quick to implement, it is enough to have all the requirements at hand, which in reality are very few and that any managed by more distracted than it can do. The learning time of the tool is relatively fast and you have results in the first hours. By relying on OWASP rules, these make the applications have to comply with norms and rules that allow the correct operation of applications, that will cause more demands for your development team, so an important factor of success for its implementation is to have the support, understanding and commitment of the Development team.

Read reviews

"Superb web Application security solution"

AppTrana is a fantastic and completely managed web application firewall that delivers Web application scanning tools to our business to secure our network and uncover application-layer vulnerabilities. It offers instant and managed risk-based protection with its WAF tools, Web site acceleration with a bundled CDN or integration with an existing CDN, and also Managed DDOS and Bot Mitigation services. It not only supports us incorrectly running our application and adhering to the performance and availability promises but also meets all requirements of network security and protection in our whole organization.

Read reviews

"Akamai- Great solution to safeguard applications from threats and attacks on systems"

Akamai has a powerful offering that helps protect and safeguard application hosted on different environments from malicious attacks, ransomware and bot attacks. It helps identify key threats that could hamper the systems and applications hosted on web. It helps address noise and traffic attack like bot mitigates on applications. Overall, it helps keep latest security threats at bay and allows to leverage machine learning algorithms to analyze data and find threats.

Read reviews

"F5 Advanced Web Application Firewall - Have all features required for WebApp Security"

Overall experience with F5 AWAF from evaluation to contract to deployment was good. Support and Technical team has expertise in technology and after understanding requirements, overall infrastructure, they suggest and design deployment strategy.

Read reviews

"High expectations come true in the duty of web security"

Based on personal experiences, AppWall is one of the great WAF solution. It is not too difficult to deploy in real environment and easy to use. The Appliance can be managed using centralized management GUI integrated with other Radware security and data delivery devices. The product offers stability and reliability with high performance and reasonable price. After sales service is fast and very professional. In conclusion, it is not a surprise if it turns out that AppWall is on the list of top 3 WAF in this modern era.

Read reviews

"Industry-leading partner"

Wallarm has provided us with nothing but stellar service when we contracted them for our penetration testing needs. They were flexible with our demands given the tight timelines we were operating under, they onboarded quickly and were incredibly effective at detecting vulnerabilities but also offered valuable insight as to how to improve our security culture.

Read reviews

"NGINX WAF protects applications against sophisticated attacks"

Nginx Waf enables seamless integration of strong security controls, reduces complexity and outperforms for improved user experience

Read reviews
Products 1 - 20

Gartner Research

This research requires a log in to determine access