• Trustwave

    Web Application Firewall

  • Speak with a Trustwave sales specialist to learn more.

    Looking for support? Use our global network of support specialists to get help. Get support now
  • Have a Trustwave solution specialist provide you with a personalized demo.

  • E-commerce sites are highly targeted assets of hackers because they're easy to access and deliver a valuable data payload for cybercriminals. Add to that the fact that 99.7 percent of the applications assessed by Trustwave SpiderLabs in 2017 included at least one serious vulnerability.

    With our award-winning Web Application Firewall, you can continuously monitor your applications, instantly detect and prevent threats, mitigate the risk of data breaches, and address compliance requirements, including the PCI DSS (section 6.6).

    *Source: Trustwave 2017 Global Security Report

    Need the Experts in Your Corner?
    Explore our Managed Security Services

  • Trustwave is the primary developer and custodians of ModSecurity and leaders of the OWASP ModSecurity Core Rule Set Project.

    Common Criteria validation with EAL 2+ level certification.

    Rated 5 out of 5 by SC Magazine in all categories: features, ease of use, performance, documentation, support and overall value.

    Best Web Application Firewall Finalist 2014 and 2015, SC Magazine Awards US.


  • Integrated threat intelligence provided by Trustwave SpiderLabs sets Trustwave WAF apart. No other organization can compete with Trustwave SpiderLabs®’ breadth of data inputs or quality of human researchers investigating threats in the real world.

    A unique combination of positive and negative security, dynamic virtual patching and a platform that’s easy to install and configure, Trustwave Web Application Firewall delivers advanced, continuous protection for all your Web applications. Why do customers choose Trustwave Web Application Firewall to protect their mission-critical applications?

    • Quick deployment with just three pieces of information: domain name, IP address, and port
    • More accurate alerts and blocking through bidirectional traffic inspection and correlation
    • Customized protection for any application via integration with Dynamic Application Security Testing (DAST) tools such as Trustwave App Scanner and virtual patching
    • Improves application performance by identifying broken links and abnormal terminations of the application
    • Flexible deployment with full WAF functionality in both in-line and out-of-line mode
    • Integration with multiple Trustwave application security solutions
    • Available as a managed service
  • Demo: Trustwave Web Application Firewall (26 mins)

    See how Trustwave Web Application Firewall provides unprecedented visibility and continuous protection for critical web applications.


  • product feature flexibility icon


    product feature flexibility icon


    product feature flexibility icon


    Continuous Protection

    With a unique combination of positive and negative security, perpetual tuning and dynamic virtual patching, the Trustwave Web Application Firewall delivers continuous protection against today's ever-changing threat landscape.

    Ease of Use

    Trustwave Web Application Firewall delivers an intuitive user experience, centralized management dashboards and single pane of glass into your applications so you can prioritize your day and respond faster and more effectively to threats or performance issues.

    Greater Scalability

    Trustwave Web Application Firewall is built to scale so you can reduce the complexity and cost of securing your growing application ecosystem. The technology can be deployed either in line or out of line, and it rapidly supports an expanding application environment, whether that means higher traffic volumes or IP addresses.

    Real-Time Threat Detection

    Bi-directional traffic analysis, automated behavioral profiling, and multiple collaborative detection engines help you and your team to quickly identify abnormal behavior, improve threat blocking and prevent outbound data leaks.

    On Demand Customization

    With the Trustwave Web Application Firewall, you can pre-define rules and customize scenarios so your implementation is focused on the specific requirements of your applications and your business.

    Improved Performance

    Application Performance Management identifies problems and trends at the site, URL and session levels in the Web application environment - all with real-time views that provide performance metrics. It automatically profiles Web applications, so there is no need to define application structures or paths.

    Threat Intelligence Inside

    Tap into the knowledge gained from thousands of real-world engagements and leading application threat researchers. Trustwave Web Application Firewall is built on the foundation of our elite SpiderLabs team, delivering the industry's strongest protection against application vulnerabilities and emerging threats - including the OWASP Top 10.

    Built-In Compliance Reporting

    Trustwave Web Application Firewall leverages our expertise in risk and compliance management, with pre-built best practice controls and reports for compliance mandates, including PCI DSS.

    Optimized Resources

    Need more application security expertise in your corner? The Trustwave Web Application Firewall can be delivered as a managed security services, for real-time management of threat status, alerts and performance, continuous monitoring and management of Web Application Firewall sensors, regular tuning and configuration support and full integration with SIEM for advanced threat correlation. Learn More

How It Works

  • Trustwave Web Application Firewall Overview

    video thumbnail
    Trustwave Web Application Firewall Overview

    Learn how our Web Application Firewall protects your data, enables compliance and ensures performance of your critical business applications.

    video thumbnail
    Are you a security administrator?

    Dive deeper into the Trustwave Web Application Firewall configuration and management tools.

    video thumbnail
    Are you an application developer?

    Learn how Trustwave can help you improve security during the development lifecycle.

  • Trustwave Web Application Firewall at a Glance

  • application screenshot

    Easy-to-use management console provides a single point of configuration and monitoring that delivers immediate visibility and understanding of Web application architectures and security.

    application screenshot

    Trustwave Web Application Firewal helps you understand the context of events to quickly remediate issues. For every event or defect detected, a detailed description pinpoints the problem and explains its resolution.

    application screenshot

    Powerful reporting tools communicate security issues to application developers and executive management, help meet compliance requirements and track the effectiveness of policies.

  • Trustwave Architecture

    Trustwave Web Application Firewall is built on our scalable and extensible Trustwave Architecture, which includes TrustOS© and TrustedSentry. TrustOS is the common software platform that unifies all of our products. TrustedSentry is our standardized hardware model. Together, the Trustwave Architecture delivers greater efficiency by allowing for easy scaling and rapid integration across our products, as well as third-party solutions.

    Learn More About Trustwave Architecture

  • Service Options

    Standard Support includes email and phone support, plus maintenance updates.

    Premium Support includes 24x7x365 email and phone support, one-year hardware warranty, next-day replacement service for Trustwave Web Application Firewall hardware appliance and maintenance updates.

    On-site installation, extended hardware coverage, and professional services are also available.


  • The Flexibility of Choice

    The Trustwave Web Application Firewall is available in multiple configurations to support your growing application security and business requirements. Choose hardware, virtual appliance supporting VMware ESX/ESXi servers or Web Application Firewall as a fully managed security service. For more details, review the Trustwave Web Application Firewall Specification Sheet.


  • Documents

  • Videos

    • video thumbnail


      Trustwave Web Application Firewall for Security Administrators

    • video thumbnail


      Trustwave Web Application Firewall for Application Developers

    • video thumbnail


      Trustwave Web Application Firewall Overview

  • Webinars

    • video thumbnail


      Dangers to Web App Security: 4 Ways to Control Complexity and Cost