Sold by: Check Point Software Technologies
Deployed on AWS
Check Point WAF as a Service (WAFaaS) is an AI-based web application, generative and agentic AI, and API security solution, delivering the highest protection against known and zero-day threats using advanced AI and IPS. WAFaaS provides multiple layers of protection: rate limiting, AI engines, IPS signatures, zero-day file security, bot protection, and comprehensive API discovery and schema validation. WAFaaS delivers a non-agent WAF, deployable within minutes, and adds advanced DDoS mitigation. Traffic is seamlessly routed through Check Point servers, which automatically issue SSL certificates.
4.4
Overview
Check Point WAF as a Service (WAFaaS) is an automated solution that delivers superior benefits of a top-tier web application, generative and agentic AI, and API security solution, requiring minimal manual intervention. The AI engine continuously learns the behavior of your application, tracking changes throughout its lifecycle. This ensures a minimal false positive rate and reduces tedious rule tuning after each application change. WAFaaS delivers a non-agent WAF that can be deployed in less than 15 minutes. Traffic is effortlessly routed through Check Point servers, which automatically issue SSL certificates. Upon redirection, any HTTP requests are intercepted for inspection and forwarded to the application only after validating their security. WAFaaS is available in premium and advanced packages. Advanced package does not include API Discovery and Zero-day file security.
The Premium package provides:
AI-based engines for prevention of Zero-day Attacks and OWASP Top 10 known attacks.
AI-based contextual analysis engine to ensure precise detection rate with minimal false positives.
Real-time API discovery, sensitive data, and public exposure governance.
Snort 3.0 signature enforcement engine.
Advanced DDoS mitigation to ensure your applications stay accessible to legitimate users by mitigating attacks that overwhelm your network, servers, or applications.
Rate limiting, based on identifiers such as IP address and XFF - limited to 5 rules.
Intrusion Prevention (IPS), over 2,800 Web CVEs, based on award-winning NSS-Certified IPS.
Includes 6 months of full logs retention, based on the fair usage policy.
Auto-generated swagger schema for validation and schema enforcement. Unlimited rate limiting.
Rate limiting functionality adds identifiers such as keys within JWT, cookies, or headers.
Zero-day file security.
You are entitled to free usage of 7 days or 1M HTTP requests whatever comes first, after that you will be billed.
Highlights
- Zero-day prevention: Check Point WAF as a Service (WAFaaS) automatically prevents zero-day exploits across a wide spectrum of security events, including React2Shell, log4shell, text4shell, and MOVEit, all in real-time.
- Deployed within minutes: WAFaaS delivers a non-agent Web application firewall, deployable within minutes. Only a one-time DNS configuration is necessary for WAFaaS to start routing traffic securely to applications in the cloud.
- Unified Application Security Across the Full Attack Surface: Consolidates WAF, API, GenAI, bot, DDoS, file security, and CDN capabilities, eliminating the fragmented point solutions that create blind spots and increase administrative overhead.
Details
Categories
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/unit |
|---|---|
First 10M HTTP requests | $1,800.00 |
10M-60M HTTP requests (price per 1M) | $44.00 |
60M-160M HTTP requests (price per 1M) | $24.00 |
160M HTTP requests and above (price per 1M) | $16.00 |
Vendor refund policy
No Refunds.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
https://supportcenter.checkpoint.com/supportcenter/portal 24x7 email support with emergency phone number. Premier support available for enterprise customers.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
A single pane-of-glass security management console delivers consistent visibility, policy management, logging, reporting and control across all cloud environments and networks
Check Point Check Point Cloud Firewall is a cloud-native security gateway that delivers automated, advanced threat prevention and multi-layered network security for assets that customers migrate to or store on AWS. Try it free for 30 days.
A single security management console delivers consistent visibility, policy management, logging, reporting and control across all cloud environments and networks
Advanced threat prevention security for AWS and hybrid cloud environments, with Threat Extraction and Threat Emulation, and with GWLB (starting with R81.20)
**Please note: To ensure optimal operations, Check Point recommends a 4 vCores machine size. This provides balanced efficiency and smooth performance, which most customers find ideal for their needs.
Advanced threat prevention security for AWS and hybrid cloud environments, with Threat Extraction and Threat Emulation.
**Please note: To ensure optimal operations, Check Point recommends a 4 vCores machine size. This provides balanced efficiency and smooth performance, which most customers find ideal for their needs.
Customer reviews
Computer Software
Easy to Use, Affordable, and Accessible for New Users
Reviewed on Jun 04, 2026
Review provided by G2
What do you like best about the product?
It's ease of use and accessibility for new users. Genuinely helpful products with affordable price. Makes sense for enthusiasts and companies. Not much else to say.
What do you dislike about the product?
Nothing in particular, I would continue to use the service if I was doing anything at the moment that required it. It's a good product, nothing comes to mind as a dislike
What problems is the product solving and how is that benefiting you?
It was handling security of my endpoints that i created personally as enthusiast. Benefits me by keeping me assured that my data is safe from attacks.
Syed M.
Strong Web Protection with Easy Management
Reviewed on Jun 02, 2026
Review provided by G2
What do you like best about the product?
I like the strong protection Check Point WAF offers against web application attacks. Its easy-to-manage interface is a big plus for me, as is the real-time threat detection that it provides. I also appreciate the detailed visibility into web traffic and security events, which makes it easier to monitor and respond to potential threats. The documentation was helpful during the initial setup, allowing for a straightforward configuration. Additionally, it integrates well with other security tools, which enhances its effectiveness in our security infrastructure.
What do you dislike about the product?
One area that could be improved is reducing false positives and making policy tuning more straightforward. The reporting and dashboard customization options could also be more flexible and user-friendly.
What problems is the product solving and how is that benefiting you?
Check Point WAF protects web applications from cyberattacks, detects malicious traffic, reduces security risks, and improves application security without affecting user experience.
Bala_Krishna
Security has improved for cloud-native apps and now protects APIs with low latency and minimal tuning
Reviewed on Jun 01, 2026
Review provided by PeerSpot
What is our primary use case?
Any cloud-native application is where my clients might be using Check Point WAF (formerly CloudGuard WAF) to secure Layer 7 with low latency. It is one of the best in Layer 7 security.
What is most valuable?
The biggest advantages of Check Point WAF (formerly CloudGuard WAF) are that it is lightweight and the integration into cloud-native applications is very easy. Check Point WAF (formerly CloudGuard WAF ) produces false positives that are minimal. It has a learning process that is unique, adopting an education model approach. Ease of deployment and efficiency, particularly for API security, are phenomenal. The console is key, with Infinity Portal offering access to all kinds of Check Point products and a unique dashboard and reporting system.
Scaling is easy; once deployed, it takes care of everything without causing any concern for improving hardware or configurations. Check Point WAF (formerly CloudGuard WAF) reduces total cost of ownership, being cheaper compared to any other software.
What needs improvement?
As a reseller, the most difficult part is the lack of awareness. Check Point does not provide any kind of awareness programs to the customers, requiring partners to educate customers.
There are indeed some features missing, particularly connected with integration or with artificial intelligence. Check Point WAF (formerly CloudGuard WAF) faces certain issues with dual ISP tagging on entry-level devices since SD-WAN features were added.
For how long have I used the solution?
I have been selling Check Point WAF (formerly CloudGuard WAF) for almost three to four years.
What do I think about the stability of the solution?
Regarding stability, I am not finding any issues; it is very stable.
What do I think about the scalability of the solution?
Check Point WAF (formerly CloudGuard WAF) is very easy to scale. Once deployed, you forget it; it takes care of everything.
How are customer service and support?
My impression of technical support for Check Point WAF (formerly CloudGuard WAF) is that it is adequate. The technical support team is really good.
If I were to rate support from zero to ten points, I would give them a ten, as they are the best.
Which solution did I use previously and why did I switch?
Check Point WAF (formerly CloudGuard WAF) is good; there are no questions asked.
What was our ROI?
In terms of pricing, Check Point WAF (formerly CloudGuard WAF) is not expensive; it is worth the investment. If there is no downtime or bottlenecks while accessing your application from the internet, that itself is the return on investment.
Which other solutions did I evaluate?
I can tell you specific issues or advantages with products such as FortiGate or Check Point perimeter firewall.
What other advice do I have?
From a technical perspective, I do not think Check Point is leading in the web application firewall space. Cloudflare , F5, and Barracuda WAFs are noteworthy. Check Point WAF (formerly CloudGuard WAF) can be configured with no prior training.
When I compare Check Point WAF (formerly CloudGuard WAF) with traditional WAFs, I find its learning curve to be simple.
Check Point has an excellent intelligence engine for zero-day attacks, unmatched by Palo Alto. I would rate this review a ten overall.
Luciano P.
Strong OWASP Protection and AI-Driven Threat Prevention That Scales
Reviewed on May 29, 2026
Review provided by G2
What do you like best about the product?
Strong protection against OWASP Top 10 attacks
Easy integration with cloud environments
Good real-time threat prevention and bot protection
Centralized management and visibility
AI-driven threat intelligence from Check Point
Scalable for enterprise workloads
Helpful automation and policy tuning feature
Easy integration with cloud environments
Good real-time threat prevention and bot protection
Centralized management and visibility
AI-driven threat intelligence from Check Point
Scalable for enterprise workloads
Helpful automation and policy tuning feature
What do you dislike about the product?
Initial setup can be complex
Can be expensive for smaller companies
Some advanced configurations require expertise
Dashboard/UI can feel overwhelming at first
Occasional false positives that need tuning
Support response time may vary depending on the plan
Can be expensive for smaller companies
Some advanced configurations require expertise
Dashboard/UI can feel overwhelming at first
Occasional false positives that need tuning
Support response time may vary depending on the plan
What problems is the product solving and how is that benefiting you?
Check Point CloudGuard WAF is solving web application security problems by blocking attacks such as SQL injection, XSS, bots, and API threats. It helps secure cloud applications, reduce security incidents, improve visibility into traffic, and support compliance requirements. The benefits include stronger protection for business applications, reduced downtime, lower risk of data breaches, faster threat response, and improved operational efficiency through centralized management and automation.
Merin K O.
Powerful Security with a Complex Setup
Reviewed on May 29, 2026
Review provided by G2
What do you like best about the product?
I use Check Point WAF to protect our internet-facing web application and APIs from web-based threats like SQL injection and cross-domain issues. The solution provides advanced threat prevention and automated policy cleaning. I appreciate the traffic inspection and reverse migration capabilities that ensure application availability and maintain security compliance. It supports both community and hybrid environments. We also integrate it with our broader security ecosystem, which helps in monitoring and provides better visibility for threat detection. Cloud integration capabilities have simplified development, providing better visibility to application networks and stronger protection against top vulnerabilities.
What do you dislike about the product?
While Check Point WAF provides strong application security and configuration capabilities, there are some areas that could be improved. The initial set of policy tuning process can be complex for new administrators, requiring a good understanding of web application traffic patterns. The interface could be more user-friendly, and the reporting and dashboard customization options could be enhanced to provide more actionable insights. Additionally, licensing can be challenging for smaller organizations, I assume. Faster deployment templates for cloud-native applications would further simplify the implementation.
What problems is the product solving and how is that benefiting you?
I use Check Point WAF to protect our web application and APIs from threats like SQL injection and ensure security compliance. It offers advanced threat prevention, automated policy cleaning, and supports hybrid environments, though initial setup needs expertise.