• Trustwave

    Web Application Firewall

  • Speak with a Trustwave sales specialist to learn more.

    Looking for support? Use our global network of support specialists to get help. Get support now
  • Have a Trustwave solution specialist provide you with a personalized demo.

  • Most organizations today use web applications to communicate with customers, partners, employees and others. For attackers, these web applications are increasingly popular targets, as most contain exploitable vulnerabilities.

    The Trustwave Web Application Firewall (WAF) helps you protect your valuable web applications and data by continuously monitoring traffic and enforcing policies to identify and block threats. The Trustwave WAF integrates with Trustwave application scanning solution, App Scanner to provide customized protection for any application via virtual patching and is backed by the expertise of our elite SpiderLabs Research team, who deliver ongoing application vulnerability and emerging threat information.

    Trustwave WAF is also available as a managed service
    Learn More about Managed WAF


  • Attackers use a wide range or techniques to attack web applications: site scraping, malicious bots, zero-day, targeted attacks and more. The Trustwave WAF protects against these and others, including the OWASP Top 10 by offering a comprehensive set of capabilities, including positive and negative security, virtual patching, inspection of outgoing traffic, and more. The Trustwave WAF is fueled by the SpiderLabs Research team, who provide rules and threat intelligence that identify the latest web application attacks and threats.

    Download the Data Sheet

  • Web Application Firewall Dashboard


  • product feature flexibility icon


    product feature flexibility icon


    product feature flexibility icon


    Continuous Protection

    Delivers continuous protection With a combination of positive and negative security, perpetual tuning and dynamic virtual patching.

    Ease of Use

    Centralized management dashboards and an intuitive UI let you prioritize and respond faster and more effectively to threats.

    Multiple Deployment Options

    Implement Trustwave WAF how you need it - inline or out-of-line and as a cloud service in Amazon Web Services or Microsoft Azure or as a physical or virtual appliance.

    Real-Time Threat Detection

    Identify abnormal behavior, improve threat blocking and prevent outbound data leaks with bi-directional traffic analysis and behavioral profiling.

    Simplified Customization

    Pre-define rules and customize scenarios to focus on the specific requirements of your applications and your business.

    Improved Performance

    Take advantage of features outside of security to improve performance by load balancing traffic or identifying issues and trends in the web application environment.

    Built-in Threat Intelligence

    The elite SpiderLabs team delivers ongoing application vulnerability and emerging threat information to the Trustwave WAF.

    Built-In Compliance Reporting

    Includes pre-built best practice controls and reports for compliance mandates including the PCI DSS.

    Built-in Integration

    Integration with Trustwave App Scanner provides customized protection for any application via virtual patching.

How It Works


    From the dashboard, quickly drill-down to understand the context of events and get detailed information on how to resolve issues.

    application screenshot


    Show that you are meeting compliance mandates including the PCI DSS with built-in reports.

    application screenshot


    Share information about site, URL and session level problems and trends with application developers that they can use to improve performance.

    application screenshot


  • The Flexibility of Choice

    The Trustwave WAF is available in multiple configurations to support your application security and business requirements. Choose a physical appliance or a virtual appliance supporting VMware ESX/ESXi servers, Amazon Web Services, or Microsoft Azure. For more details, review the Trustwave Web Application Firewall Specification Sheet.


  • Documents

  • Webinars

    • video thumbnail


      Best Practices for Effective WAF Management

    • video thumbnail


      Dangers to Web App Security: 4 Ways to Control Complexity and Cost

    • video thumbnail


      Demo: How the Trustwave WAF Protects Web Applications