TrustRadius: an HG Insights company

AWS WAF Information Reviews & Insights

Score7.3 out of 10

29 Reviews and Ratings

AWS WAF Reviews

3 Reviews
InformationComputer Software3

Say goodbye to vulnerabilities in enterprise applications with AWS WAF!

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

AWS WAF is a really useful software when implemented at the departmental level. It allows the infrastructure of the applications that are being executed to be protected in a very simple way since the user can establish rules to stop the vulnerabilities that can cause a malfunction in such applications. This is why we have decided to implement it in the business applications development department to dismiss these vulnerabilities and thus be able to concentrate on the development of applications without that concern.

Pros

  • It allows custom rules to be established to stop attacks that may harm business applications.
  • Its cost is based only on what the user uses to establish rules that can protect applications from vulnerabilities.
  • The rules can be established by the user or those that the system already brings with it being able to be centralized to reuse them for the rest of the applications, which saves time.
  • The user can choose the traffic of their applications.
  • The cost depends on the number of rules assigned.
  • It deploys new rules fast and efficiently.

Cons

  • The documentation offered is somewhat confusing, so it would be ideal if it were much more direct and precise.
  • Your initial configuration may be confusing, so the best option is to use the rule templates provided by AWS.
  • Its configuration is not unified with AWS, so it must be done separately and it takes some time.
  • The number of rules to be established is somewhat limited.

Likelihood to Recommend

AWS is ideal for implementation in scenarios where business applications are consuming more resources than they should. When AWS WAF is used it prevents this from happening and in this way applications tend to run as they should. It is ideal to establish custom rules and centralize them to protect different applications without having to re-create the same rules which helps save time, as well as allowing the usual attack patterns to be blocked, such as cross-site scripts and SQL injection.

A very efficient solution against web attacks

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

We use AWS WAF in the Application Development department since it is useful to provide protection against the most common web attacks such as the injection of SQL code and site scripts, as well as to prevent these applications from consuming more resources than they should actually consume. For this, we develop custom rules that allow us to block such attacks and at the same time improve the visibility of web traffic.

Pros

  • Protect any application against the most common attacks.
  • Provides better visibility of web traffic.
  • It allows us to control the traffic in different ways in which it is enabled or blocked through the implementation of security rules developed personally according to our needs.
  • It is able to block common attacks such as SQL code injection.
  • It allows defining specific rules for applications, thus increasing web security as they are developed.

Cons

  • It is necessary to have knowledge about the software because otherwise inappropriate rules will be created.
  • Your configuration can be somewhat tedious.
  • Your support team takes a long time to answer the user's questions.
  • Its costs can be somewhat high, unlike other services since it is charged by the number of rules that are created.

Likelihood to Recommend

AWS WAF is highly appropriate to interrupt or prevent cyber attacks because when implementing rules, whether they are specific or centralized, so any application that has these vulnerabilities is protected.

Implementing managed rules creates greater security to protect both API and applications.

If implemented along with other AWS tools, the security is much better, so if you want to protect applications against more specific attacks, it is ideal to integrate with Amazon CloudFront, which is a great benefit because it warns when thresholds are exceeded or specific attacks occur.

AWS WAF is ideal to avoid common web attacks. For more specific attacks and scenarios, I don't recommend this.

Best solution to protect your Web App from Cyber Attacks

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

We were using WAF to protect our web application from cyber attacks by filtering the requests access to our web app. We created various rules and access control lists for blocking all the unwanted threats like SQL injections.

Pros

  • The deployment was pretty easy on the AWS platform
  • The cost of using AWF WAF is pretty low as you only have to pay for the rules that you are assigning and also, you can chose the traffic that you need for your application
  • The technical support is great, they are very good in understanding your problem and really helpful in providing the best solution

Cons

  • There is nothing much to dislike about this product

Likelihood to Recommend

It is a pretty useful product if your web application is deployed on Amazon Web Service platform, else it could be a little complicated and pricey. It's useful if you want to lay down your own rules for security and traffic management of your web app. Having AWS WAF can assure you that the application that you are creating have integrated security features which can be maintained easily for future use. It does has some flaws, but it is backed up by Amazon which is doing a great job in everything that they are doing, so it surely has a great future.
Vetted Review
AWS WAF
1 year of experience