Description

Web Application Firewall (WAF) is the first line of defense to protect web applications, websites, or web servers against application layer attacks. The rising number of malicious web activities and growing sophistication of new web application attacks have proved that the basic defense offered by a traditional WAF solution is no longer able to provide the required security protection. Traditional WAF solutions focused primarily on signature-based analytics to detect web application attacks are incapable of defending against unknown threats. Limitations within the rule-based traditional WAF solutions, including the high number of false positive detections and low performance, indicate a clear need to leverage new technologies for improved detection capabilities. Leading WAF players are responding to this demand by incorporating machine learning, artificial intelligence, behavioral analytics, and cloud-delivered threat intelligence alongside signature-based analytics engines to tackle both known and unknown threats. This has significantly improved attack detection accuracy and efficiency by reducing the large number of false positives, delivering greater customer value by ensuring business continuity. Widespread use and adoption of APIs in applications development are increasing their risks as cybercrime targets, potentially exposing enterprises’ applications and databases to various web application attacks. WAF solutions with features to address new web application attacks, including API security, bot mitigation, and application-layer distributed denial of service (DDoS) are poised for growth. While most companies today are embarking on the cloud migration journey, an increasing number have begun to embrace hybrid or multi-cloud strategies. Cloud-based WAF solutions able to support multiple web application hosting environments, be it on-premises, private or public cloud, hybrid or multi-cloud, will be key differentiators for WAF players moving forward. Frost & Sullivan evaluated more than 30 domestic and international WAF in the Greater China region in this Frost Radar™ analysis: Alibaba Cloud, DBAPPSecurity Co., Ltd., NSFOCUS Technologies Group Co., Ltd., Sangfor Technologies, Inc., Venustech Group, Inc., Akamai Technologies, Inc., Array Networks, Inc., Barracuda Networks, Inc., Citrix Systems, Inc., Cloudflare, Inc., F5 Networks, Inc., Fortinet, Inc., Imperva, Inc., Qualys, Inc., and Radware, Inc., that are truly innovating and best positioned to deliver high value to customers in the future. The Frost Radar™ reveals the market positioning of companies in an industry using their Growth and Innovation scores, as highlighted in the Frost Radar™ methodology. Frost & Sullivan analyzes hundreds of companies in the industry and benchmarks them across 10 criteria on the Frost Radar™, where the leading companies in the industry are then positioned.

Author: Vivien Pua