Sold by: Check Point Software TechnologiesÂ
Deployed on AWS
Check Point CloudGuard WAF-as-a-Service (WAFaaS) is an AI-based WAF solution delivering the highest protection against known and zero-day threats through advanced AI and IPS signatures. CloudGuard WAFaaS provides multiple layers of protection: rate limiting, AI engines, IPS signatures, zero-day file security, bot protection. CloudGuard WAFaaS delivers a non-agent WAF, deployable within minutes, and adds advanced DDoS mitigation. Traffic is seamlessly routed through Check Point servers, which automatically issue SSL certificates.
Overview
Check Point CloudGuard WAF-as-a-Service (WAFaaS) is an automated solution that delivers superior benefits of a top-tier Web Application Firewall and API Protection, requiring minimal manual intervention. The AI engine continuously learns the behavior of your application, tracking changes throughout its lifecycle. This ensures a minimal false positive rate and reduces tedious rule tuning after each application change. CloudGuard WAFaaS delivers a non-agent WAF that can be deployed in less than 15 minutes. Traffic is effortlessly routed through Check Point servers, which automatically issue SSL certificates. Upon redirection, any HTTP requests are intercepted for inspection and forwarded to the application only after validating their security. CloudGuard WAFaaS is available in advanced and premium packages. Premium include API Discovery and Zero-day file security. The advanced package provides:
- AI-based engines for prevention of Zero-day Attacks and OWASP Top 10 known attacks.
- AI-based contextual analysis engine to ensure precise detection rate with minimal false positives.
- Snort 3.0 signature enforcement engine.
- Advanced DDoS mitigation to ensure your applications stay accessible to legitimate users by mitigating attacks that overwhelm your network, servers, or applications.
- Rate limiting based on identifiers such as IP address and XFF - limited to 5 rules.
- Intrusion Prevention (IPS), over 2,800 Web CVEs, based on award-winning NSS-Certified IPS.
- Include 3 months of full logs retention - based on the fair usage policy.
You are entitled to free usage of 7 days or 1M HTTP requests whatever comes first, after that you will be billed.
Highlights
- Zero-day prevention: CloudGuard WAFaaS has demonstrated prevention of zero-day exploits across a wide spectrum of security events, including log4shell, text4shell, and MOVEit, all in real-time.
- Deployed within minutes, usage-based pricing: CloudGuard WAFaaS delivers a non-agent Web application Firewall, deployable within minutes. Requires one-time DNS configuration. The consumption is based on the actual number of requests processed by your applications.
- Prevent DDoS and automated bot attacks: CloudGuard WAFaaS provides real-time detection and automatic mitigation protection against Distributed Denial of Service (DDoS) attacks and bot-driven assaults.
Details
Categories
Delivery method
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/unit |
|---|---|
First 10M HTTP requests | $1,500.00 |
10M-60M HTTP requests (price per 1M) | $38.00 |
60M-160M HTTP requests (price per 1M) | $22.00 |
160M HTTP requests and above (price per 1M) | $15.00 |
Vendor refund policy
No Refunds.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
https://supportcenter.checkpoint.com/supportcenter/portal 24x7 email support with emergency phone number. Premier support available for enterprise customers.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Check Point CloudGuard Network Security
By Check Point Software Technologies
Check Point CloudGuard Network Security is a cloud-native security gateway that delivers automated, advanced threat prevention and multi-layered network security for assets that customers migrate to or store on AWS. Try it free for 30 days.
CloudGuard Network Security All-In-One
By Check Point Software Technologies
Advanced threat prevention security for AWS and hybrid cloud environments, with Threat Extraction and Threat Emulation, and a built-in security management server
CloudGuard Network Security with Threat Prevention and SandBlast
By Check Point Software Technologies
Advanced threat prevention security for AWS and hybrid cloud environments, with Threat Extraction and Threat Emulation, and with GWLB (starting with R81.20)
**Please note: To ensure optimal operations, Check Point recommends a 4 vCores machine size. This provides balanced efficiency and smooth performance, which most customers find ideal for their needs.
CloudGuard Network Security with Threat Prevention & SandBlast BYOL
By Check Point Software Technologies
Advanced threat prevention security for AWS and hybrid cloud environments, with Threat Extraction and Threat Emulation.
**Please note: To ensure optimal operations, Check Point recommends a 4 vCores machine size. This provides balanced efficiency and smooth performance, which most customers find ideal for their needs.
Check Point Security Management
By Check Point Software Technologies
A single pane-of-glass security management console delivers consistent visibility, policy management, logging, reporting and control across all cloud environments and networks
Customer reviews
0 ratings
0 AWS reviews
|
22 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Sidharth M.
Checkpoint Cloudguard WAF
Reviewed on Oct 10, 2025
Review provided by G2
What do you like best about the product?
Checkpoint CloudGuard WAF is appreciated for its intelligent,prevention first approach to securing web application and API's. It offers comprehensive suite of protection, including bot mitigation, DDoS defence, file reputation check and coverage for thousands of known vulnerabilities.Beyond its technical strengths, Checkpoint CoudGuard WAF Excels in delivering a seamless user experience. customer support is so great.
What do you dislike about the product?
Some users have also noted that documentation can be more user-friendly. Other than this solution is so greta.
What problems is the product solving and how is that benefiting you?
One of the biggest problems it solves is the detection and prevention of zero-day attacks and OWASP top 10 vulnerabilities with relying on signature update. A common pain point with traditional WAFs that generate excessive false positive. CloudGuard's cloud-native design and support for infrastructure-as-code streamline deployment and integration into CI/CD pipelines.
Ankit K.
Checkpoint CloudGuard WAF
Reviewed on Oct 06, 2025
Review provided by G2
What do you like best about the product?
What I like most about Checkpoint cloud guard WAF is it combine, AI-Driven protection with simplicity of deployment and low operational burden. The solution is cloud native, scalable, globally distributed and designed for rapid deployment so organization can protect their web assets quickly. Checkpoint Cloud Guard WAF uses contextual AI to defend web apps and APIs from known and zero-day threats, with minimal false positive and no manual tunning. Customer support is very active.
What do you dislike about the product?
There is no dislike as of now. Product is doing great.
What problems is the product solving and how is that benefiting you?
CloudGuard's machine learning engines detect behavioral anomalies and uses both supervised and unsupervised learning to find threats without waiting for signature updates. Reduced noise and fewer false alarm - less time wasted investigating false positive. Better compliance- enhanced visibility and reporting help show where protections are in place. Deployment is fast and scalable, integrating with cloud-native environments, means protection can go live quickly.
Soe Moe T.
The Best Protection Shield for Web App and API Security
Reviewed on Aug 27, 2025
Review provided by G2
What do you like best about the product?
Firstly, I like the best about Check Point CloudGuard WAF is It's UI. It is very responsive, simple and easy to use and understand. It is also provided for AI powered, Automation and can block others attack such as DDOS, SQL Injection, and etc ... So I used CloudGuard WAF for my Web and API security.
What do you dislike about the product?
I don't have much about Check Point Cloud Guard WAF. It is very useful for me and I prefer to use.
What problems is the product solving and how is that benefiting you?
Cloud Guard WAF can benefit to me because it can protect a lot of protection for my Web and API security. The best benefiting to me is unknown threats.
Information Technology and Services
Great AI-powered security
Reviewed on Aug 20, 2025
Review provided by G2
What do you like best about the product?
Great AI-powered security protecting web applications and APIs
Contextual Threat Prevention
API Discovery & Protection
Easy Deployement
Self sufficent and able to prevent and improve by itself isolating possible breaches.
Contextual Threat Prevention
API Discovery & Protection
Easy Deployement
Self sufficent and able to prevent and improve by itself isolating possible breaches.
What do you dislike about the product?
Depends a lot on the support and to resolve certain issues it might require some time.
What problems is the product solving and how is that benefiting you?
WAF and cloud protection
Sumeet M.
Check Point CloudGuard WAF
Reviewed on Jun 18, 2025
Review provided by G2
What do you like best about the product?
What I like best about Check Point CloudGuard WAF is that it gives solid protection for our web applications without being hard to use. It automatically detects and blocks threats like SQL injection, cross-site scripting, and other attacks, so we don’t have to worry about constant monitoring. It also keeps everything running smoothly without slowing things down. The setup is straightforward, and the dashboard makes it easy to see what’s happening.
What do you dislike about the product?
Some advanced settings can be a bit complex at first, but it works well once set up.
What problems is the product solving and how is that benefiting you?
Check Point CloudGuard WAF helps protect our web applications from common threats like SQL injection, cross-site scripting, and bot attacks. It blocks harmful traffic before it reaches our systems, which keeps our apps safe and running smoothly. This saves us time, reduces the risk of downtime, and gives us peace of mind knowing our web services are protected without needing constant manual monitoring.