Skip to content


Azure Web Application Firewall is a cloud-native service that protects web apps from common web-hacking techniques such as SQL injection and security vulnerabilities such as cross-site scripting

WAF VS AppGateway

Application gateways provide more capabilities than a web application firewall (WAF)

WAF can be deployed with the below services

  1. Azure Application Gateway
  2. Azure Front Door
  3. Azure Content Delivery Network (CDN)

WAF on Application Gateway is based on the Core Rule Set (CRS) from the Open Web Application Security Project (OWASP).

using pre-configured rules

Protect your web applications in just a few minutes with the latest managed and preconfigured rule sets. The Azure Web Application Firewall detection engine combined with updated rule sets increases security, reduces false positives, and improves performance.

Was this page helpful?