Sold by: RadwareÂ
Radware Cloud WAF is a fully managed Cloud Application Protection Service providing the industry's most comprehensive web application security solution. It integrates Radware's cloud-delivered WAF technology, API protection, Bot management, application layer DDoS protection, client-side protection, analytics, threat detection and security feeds in a single portal.
Overview
Radware Cloud WAF is a fully managed Cloud Application Protection Service providing the industry's most comprehensive web application security solution. The service integrates Radware's Cloud WAF, API Protection, Bot management, client-side and application layer DDoS protection in a single portal that provides security analytics, threat detection and real-time security feeds to protect applications against hacking, malicious bots, API exposure, Web DDoS attacks, supply chain attacks and other vulnerabilities. Radware's combination of negative and positive security models provides a complete level of protection against OWASP Top 10 threats and zero-day attacks. API Discovery and Protection - End-to-end API solution from Discovery to protection at a click of a button. Radware auto API discovery maps all of your applications documented and undocumented third-party APIs, automatically generates Open API schema files, generates tailored security policies to detect and block API-focused attacks in real time and enforce protection across all your APIs. Radware's advanced API protection eliminates your documenting and protecting APIs overheads and keeps your organization protected across the board. Bot Management - Integrated Bot Manager provides comprehensive mitigation options, such as Blockchain-based Crypto challenges to counter attacks. It ensures precise bot management for web, mobile, and API traffic by employing behavioral modeling, collective bot intelligence, and fingerprinting. This defense guards against all OWASP 21 automated threats, including account takeover, credential stuffing, DDoS, fraud, and web scraping, fortifying online operations. Web DDoS Protection - Industry leading application-layer L7 protection against DDoS attacks, based on Radware's unique machine-learning-based behavioral detection that distinguishes between legitimate and malicious traffic, and automatically generates granular signatures in real-time to protect against zero-day attacks. Best-in-class security against a wide variety of threats, including HTTP Floods, HTTP bombs, low-and-slow assaults, Brute Force attacks, and disruptive web DDoS Tsunamis. Client-side Protection - Easily block requests to suspicious third-party services in your supply chain and adhere to data security compliance standards. Protect against client-side attacks coming from third party JS services - Formjacking, Skimming,Magecart, automatically and continuously discover all third-party services in your supply chain with detailed activity tracking, as well as get alerts & threat level assessment according to multiple indicators, including script source and destination domain. Pricing We have 3 different pricing packages - Standard, Advanced and Complete. The Standard and Advanced packages come with some of the features while Complete provides full coverage.
Highlights
- Fully Managed Web Application Protection Service - 24x7 Fully managed security service by Radware's expert Emergency Response Team(ERT). Protect Against OWASP Vulnerabilities - Stay protected against 150+ known attack vectors, including the OWASP Top 10 Web Application Security Risks, Top 10 API Security Vulnerabilities, Top 21 Automated Threats To Web Applications, and Top 10 Client-side vulnerabilities
- Detect, Manage and Mitigate Bots - Detect and distinguish between good and bad bots to protect websites, mobile apps and APIs. Easily optimize and customize your bot management policies to provide a better user experience and drive more ROI from your application traffic. End-to-end API Protection - From discovery to enforcement at a click of a button, Radware combines behavioral analysis and policy automation to protect from increasingly sophisticated API assaults.
- Mitigate Application-Level DDoS Assaults - Radware's DDoS protection technologies provide the shortest time to detection and mitigation of most advanced and high volume HTTP-based DDoS assaults by utilizing patented behavioral analysis, machine learning-based engines. Protect Client-Side From Supply Chain Attacks - This solution offers advanced client side protection that ensures the protection of end users data when interacting with any third-party services in the application supply chain.
Details
Sold by
Categories
Delivery method
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/Mbps |
|---|---|---|
Cloud Application Protection Standard,10 Mbps,1 Application - Monthly | Cloud Application Protection Standard,10 Mbps,1 Application - Monthly | $638.00 |
Cloud Application Protection Standard,50 Mbps,1 Application - Monthly | Cloud Application Protection Standard,50 Mbps,1 Application - Monthly | $1,940.00 |
Cloud Application Protection Standard,100 Mbps,1 Application - Monthly | Cloud Application Protection Standard,100 Mbps,1 Application - Monthly | $3,069.00 |
Advanced_10 | Cloud Application Protection Advanced,10 Mbps,1 Application - Monthly | $1,276.00 |
Advanced_Addon | Cloud Application Protection Advanced,1 Application Add-On - Monthly | $127.00 |
Complete_10 | Cloud Application Protection Complete,10 Mbps,1 Application - Montly | $2,233.00 |
Complete_Addon | Cloud Application Protection Complete,1 Application Add-On - Monthly | $193.00 |
CDN_Add_on | Cloud Application Protection CDN Service Enablement - Monthly | $287.00 |
CDDOS_OnDemand | On-Demand Cloud DDoS Protection Service - Legitimate 10Mbps - Monthly | $2,750.00 |
CDDOS_AlwaysOn | Always-On Cloud DDoS Protection Service - Legitimate 10Mbps - Monthly | $4,950.00 |
Vendor refund policy
No refund offered
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Online Support Service Portal -Appropriate for non-critical issues, such as general inquiries, requests for technical documentation/ information, schedule support during an upcoming maintenance window, view installed base and manage support cases.24x7, where Internet service is available
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Radware Alteon VA ADC Secure - 200Mbps
By Radware
Alteon VA supports the complex functionality requirements of Enterprise applications which go beyond basic availability and quality of experience features. These include: Layer 7 Rewrite, Application Level Traffic Steering, Caching, SSL Offload, compression, acceleration. WAF (AppWall), SecureUR L
Radware Alteon VA ADC Secure - 1Gbps
By Radware
Alteon VA supports the complex functionality requirements of Enterprise applications which go beyond basic availability and quality of experience features. These include: Layer 7 Rewrite, Application Level Traffic Steering, Caching, SSL Offload, compression, acceleration. WAF (AppWall), SecureUR L
Alteon VA supports the complex functionality requirements of Enterprise applications which go beyond basic availability and quality of experience features. These include:Layer 7 RewriteApplication Level Traffic SteeringCachingSSL OffloadingWAF (AppWall)
Radware Alteon VA ADC Perform - 200Mbps
By Radware
Alteon VA supports the complex functionality requirements of Enterprise applications which go beyond basic availability and quality of experience features. These include: Layer 7 Rewrite, Application Level Traffic Steering, Caching, SSL Offload, compression, acceleration. WAF (AppWall), SecureUR L
Customer reviews
4.5
6 ratings
6 AWS reviews
|
131 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
RAHUL T.
Reliable Shield for Web Apps
Reviewed on Oct 01, 2025
Review provided by G2
What do you like best about the product?
What I like most is its real-time threat detection and automatic policy updates. It’s pretty good at adapting to new attack patterns without needing constant manual tuning. The dashboard is clean, and integration with existing tools was smooth.
What do you dislike about the product?
The UI feels a bit dated and some advanced configurations aren’t as intuitive as they should be. Reporting could be more flexible, especially for SOC-level insights. Also, occasional false positives need manual tuning.
What problems is the product solving and how is that benefiting you?
It helps us block web-based attacks like SQL injection, XSS, and bot traffic before they reach our apps. That means fewer incidents, less manual triage, and more time to focus on proactive threat hunting. It’s also useful for meeting compliance needs.
Capital Markets
Strong Web Application Security
Reviewed on Sep 25, 2025
Review provided by G2
What do you like best about the product?
What I appreciate most about Radware Cloud WAF is its ability to detect threats in real time and automatically mitigate them. It delivers robust protection against web attacks while having little effect on performance, which makes it both secure and efficient.
What do you dislike about the product?
It requires a more in-depth understanding of security policies to achieve full optimization. Furthermore, the initial setup and fine-tuning process can be time-consuming, depending on the specific environment.
What problems is the product solving and how is that benefiting you?
Radware Cloud WAF addresses essential security challenges by protecting against web-based attacks such as SQL injection, cross-site scripting, and DDoS threats. It has been beneficial for us by offering real-time threat detection, automated mitigation, and enhanced visibility into application traffic. This ensures that our web assets stay secure and compliant, all while requiring minimal manual intervention.
Commercial Real Estate
Radware WAF Cloud: A Web Application Security Platform
Reviewed on Sep 17, 2025
Review provided by G2
What do you like best about the product?
Radware WAF is a strong performer when it comes to securing web applications. It offers solid protection against OWASP Top 10 and zero-day threats, and supports bot mitigation, API security, and flexible deployment models. The platform is easy to manage, integrates well with SIEM and SOAR tools, and meets high availability SLAs. Its centralized reporting and real-time alerting make it a reliable choice for infrastructure teams looking for visibility and control. Just note that it supports only TCP ports, which can be a limitation for certain use cases
What do you dislike about the product?
While Radware WAF is solid for securing web apps, there are a few things that could be better. It doesn’t support UDP traffic, which limits onboarding for certain real-time applications
What problems is the product solving and how is that benefiting you?
We faced a major integration problem with SIEM where RadWare helped with Logstash integration. Also was a great help in implementing SSO.
Yash Dasadia
Has managed high traffic efficiently and reduced false positives while maintaining strong API protection
Reviewed on Sep 12, 2025
Review from a verified AWS customer
What is our primary use case?
We use Radware Cloud WAF Service for WAF protection and API protection.
What is most valuable?
The best features of Radware Cloud WAF Service are its ability to manage high traffic, its scalability, and its reliability. Whenever we observe any detections or unusual traffic at a high rate, Radware manages the replication of web applications in such a way that no web applications are ever hampered, ensuring all traffic is managed effectively.
Radware Cloud WAF Service has significantly reduced our false positives, as Radware keeps its policies up to date with emerging tactics. This has led to very few false positives, which is one reason we have chosen to implement Radware WAF in our environment, given its favorable false positive ratio.
What needs improvement?
In Radware Cloud WAF Service, the areas that have room for improvement include the costing part, as we faced some issues during the implementation and POC of this WAF technology.
Additionally, the policy management can be improved, along with the graphical user interface for better visualization, so any new user can adapt to its graphics and find it easier to use.
For how long have I used the solution?
I have been using Radware Cloud WAF Service for around three plus years.
How are customer service and support?
I would rate the support a perfect 10 out of 10 because the support is good.
What was our ROI?
We have seen a good amount of return on investment with Radware Cloud WAF Service, roughly 50 to 60%. By reviewing our alerts and traffic, we can assess what traffic has been blocked and how much it has saved our applications and infrastructure.
Given our critical web applications and our substantial environment, where many applications are onboarded on WAF, overall, we can say it has yielded good returns on investment.
Which other solutions did I evaluate?
When I compare Radware Cloud WAF Service with other WAF software, I notice that while Radware's technology is strong, the only cons we faced were related to costing and some policies. Other solutions are available in the market, but they also have their drawbacks.
What other advice do I have?
We use the CDNÂ services offered by Radware with Radware Cloud WAF Service. The combination of CDNÂ and Radware Cloud WAF Service is easy to use, and the security it offers is good, especially with the WAF plus DDoS integration, which is ideal for media and all types of streaming.
I assess Radware Cloud WAF Service for blocking unknown threats and attacks as effective because it updates its mitigation policies with day-to-day strategies, incorporating new and emerging tactics. Additionally, it blocks some traffic based on AI, which enhances its ability to manage intrusion threats.
The automated analytics for looking at events is positive, as it has inbuilt automations that reduce our manual intervention. Due to this, there is a quick incident response in case of any high alert or critical case, ensuring that proper mitigations have been taken care of for any incident, which allows for a rapid response over any alert.
Radware Cloud WAF Service for integrating with other systems and applications in our business is seamless, as we have integrated Radware WAF with our SIEM monitoring tool, Microsoft Sentinel . We can get centralized logs for every tool on Sentinel , and it was easy to implement and integrate with it. Throughout the integration with Sentinel , we received excellent support and good documentation.
I assess Radware Cloud WAF Service for its ability to protect against zero-day attacks as competent since it adapts behavioral models. If it observes any vulnerability that Radware WAF hasn't recognized in its recent models, it trains its models based on behavior to manage zero-day exploits, ensuring that if any sudden bot traffic or API abuse occurs, Radware mitigates it and blocks all such traffic effectively.
The combination of negative and behavior-based positive security models is crucial for our organization's security strategy because Radware assumes everything is allowed unless it observes any malicious activity or anomaly. In such cases, WAF only blocks when something malicious or specific signatures are observed, making it reliable for our applications and ensuring none are hampered by any false positives.
We use Radware Bot Manager . With Radware Bot Manager , we have discovered issues such as web scraping and DDoS bots from our incoming bot traffic that we weren't aware of before, as it provides detections for that and actively blocks all such DDoS traffic and bot traffic based on its AML algorithms. We have also enabled API bot protection.
We use the web DDoS protection offered by Radware. Radware Cloud WAF Service has helped in our business continuity by ensuring that no legitimate traffic is blocked. Only when something suspicious based on L3, L4, or L7 DDoS attacks or such signatures is observed does Radware block malicious traffic, guaranteeing reliability and continuity for our web applications.
The solution requires maintenance when we want to configure or tweak any policy, which is when we seek support from the tech team.
Our team includes 30 engineers who use Radware WAF. We will recommend this product to other users because we have suggested it to our peers. Looking at the solution this tool has provided us, we find it beneficial enough to promote it to others.
On a scale of 1-10, I rate this solution a 9.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Kartik P.
Reliable WAF Solution
Reviewed on Sep 12, 2025
Review provided by G2
What do you like best about the product?
Strong defence against web and bot based attacks. Using it regularly for a comprehensive dashboard and view and easy to use and navigate.
What do you dislike about the product?
Managing false positive is challenging task.
What problems is the product solving and how is that benefiting you?
It is ensuring real-time protection against web attacks and bots which leads to high availability of the application and up-time. It has decresed the incidents being faced.