WAF is a web application firewall that helps protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources.
WAF gives you control over how traffic reaches your applications by enabling you to create security rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that filter out specific traffic patterns you define.
You can get started quickly using Managed Rules for WAF, a pre-configured set of rules managed by AWS or AWS Marketplace Sellers.
The Managed Rules for WAF address issues like the OWASP Top 10 security risks.
You can deploy WAF on CloudFront as part of your CDN solution, an Application Load Balancer or an API Gateway.
Firewall Manager simplifies your administration and maintenance tasks across multiple accounts and resources for WAF, Shield Advanced, VPC security groups, and Network Firewall.
With Firewall Manager, you set up your AWS WAF firewall rules, Shield Advanced protections, Amazon VPC security groups, and Network Firewall firewalls just once.