How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
I primarily use the solution as a gateway service and a transaction portal.
The regular use case is basically for blocking or giving access to different vendors to different domains. We also use it for managing and identifying the attacks and new rules that we should implement for our public domains to tune up the application firewall or tool, whatever makes more sense for us. We're using it through the web console and API. We're just using the managed service.
My whole business is cloud cost management. What I do is help people manage expenses. That encompasses everything from cleaning up software as a service subscriptions to optimizing AWS. My use cases for AWS WAF have to do with cloud research only.
There are two things that we primarily use AWS WAF (Amazon Web Services Web Application Firewall) for. One use is within the company. Within the company, the intended use is to deploy our applications. It is like working with the cloud. We can start an application in S3 (Simple Storage Service), and use profiles for access to data. The other use is that most of our clients use a similar infrastructure. They are either using AWS, Azure or maybe Google Cloud Platform (GCP). We deploy this solution for them. Both uses are different. One is for the cloud solutions like AWS, Azure and GCP, and one is for the local server access. That is how you want to secure a server. You are securing a server, database, app servers, and ATA gateways. The other one is for implementing security for the AWS. You want to have both running side-by-side. Let me give you an example. Suppose, most of the people working for your company are connected from external locations with company-provided laptops or systems. I want to check all devices to make sure that they are being used in a secure way and not creating any breach of security. Those checks cannot be taken care of reliably from the AWS perspective. This is why you need two solutions.
A primary use case example is when a customer from the cloud wants to expose his applications to the internet. We make sure that the clients, the applications, whatever they're trying to export, are public but that it's not going directly public. We make a backup, for instance, to protect the sellers and applications from security checks, etc.
Our primary use case is to protect our internal web solution. We use it to have an internal application for our customers. We are an SME worldwide company, so we have some internal website solutions architects that use this as an internal portal to the internet. We apply a WAF front to our web application.
We are a technical services company and this is one of the solutions that we have helped implement for our clients. We stopped using AWS about six months ago and as such, we are not currently using the AWS Web Application Firewall.
I'm a manager and in charge of IT infrastructure and information security for an airline company. We're a customer of AWS WAF. We use the product to protect the websites that our customers access to book flights. It provides the sites with DDoS protection and OWASP top 10 application security.
We primarily use the solution for its rich insights to improve customer experience.
The primary use of the solution is for perimeter security. I use it to secure my application and infrastructure.
It is our web application firewall.
The primary use case is application security. We are using the latest version.
We use it to protect our backend services.
Application security is our primary use case.
It's all about the security of the cloud system.
Which is better and why?
We required a 24/7 automated vulnerability monitoring tool for securing our web applications. We are looking for options like Sitelock and Immuniweb.