Microsoft Security Product Hub

Azure WAF


Azure Web Application Firewall (WAF) is a cloud native WAF service to protect web apps from malicious attacks and common web vulnerabilities. Azure WAF can be deployed on Azure Front Door for global edge locations, on Application Gateway (application delivery controller) or on Azure CDN Content Delivery Network (in preview).

Azure WAF includes protection for the top 10 Open Web Application Security Project (OWASP) security vulnerabilities and can also protect against attacks such as SQL injection, cross site scripting, HTTP protocol violations and more. Rules can be managed centrally and updated programmatically to minimise management overhead. Application Gateway WAF can also be run in detection or prevention mode to monitor and observe traffic before blocking it.


  • Protection for the most common security vulnerabilities
  • Centralised management
  • Fast deployment
  • Near real-time visibility and alerts
  • Protect multiple web applications behind a single gateway
Secure Remote Work
Zero Trust