We use Radware Cloud WAF Service for WAF protection and API protection.

The best features of Radware Cloud WAF Service are its ability to manage high traffic, its scalability, and its reliability. Whenever we observe any detections or unusual traffic at a high rate, Radware manages the replication of web applications in such a way that no web applications are ever hampered, ensuring all traffic is managed effectively.

Radware Cloud WAF Service has significantly reduced our false positives, as Radware keeps its policies up to date with emerging tactics. This has led to very few false positives, which is one reason we have chosen to implement Radware WAF in our environment, given its favorable false positive ratio.

In Radware Cloud WAF Service, the areas that have room for improvement include the costing part, as we faced some issues during the implementation and POC of this WAF technology.

Additionally, the policy management can be improved, along with the graphical user interface for better visualization, so any new user can adapt to its graphics and find it easier to use.

I have been using Radware Cloud WAF Service for around three plus years.

I would rate the support a perfect 10 out of 10 because the support is good.

We have seen a good amount of return on investment with Radware Cloud WAF Service, roughly 50 to 60%. By reviewing our alerts and traffic, we can assess what traffic has been blocked and how much it has saved our applications and infrastructure.

Given our critical web applications and our substantial environment, where many applications are onboarded on WAF, overall, we can say it has yielded good returns on investment.

When I compare Radware Cloud WAF Service with other WAF software, I notice that while Radware's technology is strong, the only cons we faced were related to costing and some policies. Other solutions are available in the market, but they also have their drawbacks.

We use the CDN services offered by Radware with Radware Cloud WAF Service. The combination of CDN and Radware Cloud WAF Service is easy to use, and the security it offers is good, especially with the WAF plus DDoS integration, which is ideal for media and all types of streaming.

I assess Radware Cloud WAF Service for blocking unknown threats and attacks as effective because it updates its mitigation policies with day-to-day strategies, incorporating new and emerging tactics. Additionally, it blocks some traffic based on AI, which enhances its ability to manage intrusion threats.

The automated analytics for looking at events is positive, as it has inbuilt automations that reduce our manual intervention. Due to this, there is a quick incident response in case of any high alert or critical case, ensuring that proper mitigations have been taken care of for any incident, which allows for a rapid response over any alert.

Radware Cloud WAF Service for integrating with other systems and applications in our business is seamless, as we have integrated Radware WAF with our SIEM monitoring tool, Microsoft Sentinel. We can get centralized logs for every tool on Sentinel, and it was easy to implement and integrate with it. Throughout the integration with Sentinel, we received excellent support and good documentation.

I assess Radware Cloud WAF Service for its ability to protect against zero-day attacks as competent since it adapts behavioral models. If it observes any vulnerability that Radware WAF hasn't recognized in its recent models, it trains its models based on behavior to manage zero-day exploits, ensuring that if any sudden bot traffic or API abuse occurs, Radware mitigates it and blocks all such traffic effectively.

The combination of negative and behavior-based positive security models is crucial for our organization's security strategy because Radware assumes everything is allowed unless it observes any malicious activity or anomaly. In such cases, WAF only blocks when something malicious or specific signatures are observed, making it reliable for our applications and ensuring none are hampered by any false positives.

We use Radware Bot Manager. With Radware Bot Manager, we have discovered issues such as web scraping and DDoS bots from our incoming bot traffic that we weren't aware of before, as it provides detections for that and actively blocks all such DDoS traffic and bot traffic based on its AML algorithms. We have also enabled API bot protection.

We use the web DDoS protection offered by Radware. Radware Cloud WAF Service has helped in our business continuity by ensuring that no legitimate traffic is blocked. Only when something suspicious based on L3, L4, or L7 DDoS attacks or such signatures is observed does Radware block malicious traffic, guaranteeing reliability and continuity for our web applications.

The solution requires maintenance when we want to configure or tweak any policy, which is when we seek support from the tech team.

Our team includes 30 engineers who use Radware WAF. We will recommend this product to other users because we have suggested it to our peers. Looking at the solution this tool has provided us, we find it beneficial enough to promote it to others.

On a scale of 1-10, I rate this solution a 9.

My use case for Radware Cloud WAF Service is that we have Radware as one of our products for security protocols that we have established at our organization. Whenever there is a cloud security alert, we check Radware services so that we can mitigate the alerts.

What I appreciate the most about Radware Cloud WAF Service is the API management. The API information that they provide is excellent. The hidden and non-discoverable APIs information available with Radware Cloud WAF Service is really great.

I cannot share some important details of the incident that we received. That said, thanks to this feature, we were able to mitigate a threat. The information they provide and the discovery they do really help us out in some incidents.

They also help us meet compliance requirements. Being a big organization, we have to meet certain compliance standards, and for the PCI DSS, this product really helps us out.

Radware Cloud WAF Service is a comprehensive tool, and my functionality with it is limited as I'm working on multiple things at a time as a security consultant. In our organization, only specific tasks are assigned to a single individual. That's why I'm primarily focused on API security and sometimes DDoS attacks.

Radware Cloud WAF Service integrates very well with other applications and services; we have Microsoft TI tool with us, and it's integrated efficiently. We receive the alerts on time.

Regarding zero-day attacks, we are fortunate that we haven't received any as of now. For API security, I have closely seen how Radware Cloud WAF Service has helped us twice this year.

We use Radware Cloud WAF Service for our security purposes. We have a symbiotic relationship with Radware Cloud WAF Service. They provide us with information and necessary security steps, and we use it for our investigation or threat hunting.

As for the downsides of Radware Cloud WAF Service, I would surely appreciate some AI integration with report management. Whenever we handle an incident, we have to generate many reports. We have to get data, information, and screenshots on multiple things. A future feature in Radware Cloud WAF Service that could give us a presentable report for our stakeholders would be a really great addition.

I have been using Radware Cloud WAF Service for about 18 months.

I have never seen any lagging, crashing, or downtime with Radware Cloud WAF Service.

The cloud engineering team has told us it's really scalable. Whenever we deploy something or integrate this, it's really flexible with the DevOps and DevSecOps teams.

I have never contacted the technical support or customer support. We have communication through emails; nothing very technical.

Positive

The learning curve for using Radware Cloud WAF Service is very easy. There is nothing too complex about it.

We have these Radware information sessions and emails coming up to tell us the latest about what's happening in the cyber environment. They provide information on basic concepts and where to find it in the emails. Even a beginner can learn it within ten days.

Radware Cloud WAF Service does not require any maintenance on my end.

I have never used any alternatives to Radware Cloud WAF Service. In my previous company and currently at our company, it has been Radware Cloud WAF Service.

The source blocking feature is not utilized here as we use a different solution for source blocking. My colleague handles the Bot Manager aspects. Everyone here has different tasks, roles, and responsibilities, and we get assigned to specific incidents.

I rate Radware Cloud WAF Service nine out of ten.

My use cases for Radware Cloud WAF Service in my current organization, where I serve as a Cyber Security expert and SOC analyst, involve deeply investigating live network traffic from both inside and outside our organization to improve security through real-time threat monitoring and live data analysis. For example, when a new application was set up in the Adani Group, which is a very big organization, we received significant traffic that day; we used Radware Cloud WAF Service to check the indicators and investigate accordingly, based on the rules we had set. This not only helps during predefined activities but also during unexpected high traffic instances, allowing us to enhance security effectively.

While there are many features of Radware Cloud WAF Service that I appreciate, one standout feature is the integration of seven applications of Adani for analysis, which provides a separate dashboard to monitor various domains effortlessly. 

The user experience is designed to be straightforward, allowing easy preferences and interactions. Radware Cloud WAF Service effectively handles zero-day attacks by rapidly identifying vulnerabilities before they can affect our organization, which enhances our proactive measures through collaboration with various teams, such as the VA team, to address vulnerabilities and apply necessary patches.

Although I don't consider it to have significant downsides, I believe the UI could be improved to be more user-friendly, especially for new joiners in SOC who might struggle to understand the traffic based on numerical data. For instance, a tree chart feature available in other platforms, such as CrowdStrike, could simplify the understanding of traffic flow and save time on analysis.

I have been using Radware Cloud WAF Service for approximately 1.5 years, as I joined the Adani Group three months ago after working at N10 TechnoSoft, which involved development and cyber security.

I have not experienced any significant downtime or crashing with Radware Cloud WAF Service, although I have noticed occasional issues with logging in through SSO that cause redirects to a 404 page, which I resolve by restarting my browser.

I find the scalability of Radware Cloud WAF Service to be very good and would rate it a 9 or a 9.5 on a scale of 1 to 10.

I have contacted the technical support and customer support multiple times due to the need for clarification on functionality in our 24/7 SOC environment, where understanding various features is crucial for analysis. They have been responsive and helpful, reaching out within a day or two. If I were to score the support on a scale from 1 to 10, I would give it an 8.5. I would round that score up to a 9.

Positive

The initial deployment of Radware Cloud WAF Service was easy; however, it required some time to understand fully. I estimate it took around two months to fully deploy Radware Cloud WAF Service for the first time, based on what I've heard from colleagues, as I recently joined the company where Radware Cloud WAF Service has been in use for more than three to four years.

Regarding current pricing, it is managed by our higher authorities, but I believe the price is reasonable for our organization. If we expand our services in the future, the current pricing doesn't pose an issue for us, especially as it opens opportunities for profitability based on the services we utilize from Radware Cloud WAF Service.

While I haven't used direct alternatives to Radware Cloud WAF Service, I can mention that we consider CSPM in our cloud segment. The company is exploring the possibility of providing services to other companies, signaling future growth and deeper integration of Radware Cloud WAF Service.

In terms of API usage, I focus on using the bot management and API security functionalities of Radware Cloud WAF Service, which protect against automated threats such as DDoS attacks created by bots. 

Overall, I would rate Radware Cloud WAF Service an 8.8; while there are strong features present, there is room for improvement, particularly concerning end-user analytics, which would justify a higher score.

My use case for Radware Cloud WAF Service is to block all IPs and geo-locations that are not required in the organization.

Blocking based on geolocation is very helpful.

The automated analytics for analyzing events are beneficial for automation and make it easier for analysts working in the SOC. It is useful for analytical purposes as it helps us understand how we can perform various activities that Radware Cloud WAF Service belongs to.

Radware Cloud WAF Service has reduced our false positive rate by more than 50%. Regarding the blocking feature, Radware Cloud WAF Service is one of the best tools as we can easily block and reduce our alerts through IP blocking. We utilize CDN services with Radware Cloud WAF Service, and although it was initially challenging to understand, once we grasped it, it became easy for us.

I am using web DDoS protection with Radware Cloud WAF Service, and it is a very good product for protecting our businesses. The WAF protection is excellent and does not require any improvements as it is already working effectively and is executable. Radware Cloud WAF Service is really good for protecting against zero-day attacks as it protects our organization and businesses effectively. For patching purposes, once a zero-day attack has been exploited, we can block some geo-locations to prevent other attackers from targeting us.

Compared to other Cloud WAFs, Radware Cloud WAF Service is one of the best since it blocks for protection purposes within 15 to 20 minutes when we raise an incident, while it takes longer for others to implement geo-fencing and related protections.

The area that can improve with Radware Cloud WAF Service is the speed at which they block geo-fencing and IP for P1 cases, which currently takes about an hour. If they could reduce that to ten to 15 minutes, it would be easier for us.

I have been using Radware Cloud WAF Service for one and a half years.

I rate the stability of Radware Cloud WAF Service as ten out of ten, as there are no glitches, and when they occasionally happen, they notify us, making it easier than other services.

More than 500 users are using Radware Cloud WAF Service.

I would rate the technical support as ten out of ten.

Positive

I find the solution easy to deploy.

The pricing is moderate, making it affordable for any business and not overly costly.

I definitely recommend Radware Cloud WAF Service products to other users as it is comparatively good, not very costly, and the service they provide is among the best. 

I rate this solution ten out of ten.

In my organization, we are focused on using various security measures to protect against threats, particularly those related to bots. The key product we have employed is Radware Cloud WAF Service, which primarily provides DDoS protection. This service helps us block large-scale attacks aimed at exploiting network vulnerabilities and other weaknesses in our applications.

Additionally, we utilize the Radware Cloud WAF Service to safeguard our websites and application APIs from threats like SQL injection and other malicious activities, employing various authentication methods for enhanced security. I am also working on learning about bot management, as I have been assigned a task in this area. So far, I have been studying behavioral analysis and detection methods that can identify and block malicious bots effectively.

I have worked with the API feature of Radware Cloud WAF Service and have experience with the GraphQL endpoint. While I haven't worked on advanced web attacks, I am familiar with common ones. As many applications heavily rely on APIs, it's obvious for attackers to target them. The WAF provides mobile and web app backend security for protection, and I have mainly used the bot detection and mitigation feature to detect and block malicious bot attacks.

Zero-day attacks can be particularly challenging because they exploit vulnerabilities that are not yet known to the software vendor. However, certain solutions can effectively address these threats. One of the key benefits of Radware Cloud WAF Service is its ability to detect potential vulnerabilities before they can be exploited by attackers.

Currently, there is a growing trend towards using machine learning and AI models, which can provide proactive defenses against zero-day vulnerabilities. As we know, a zero-day vulnerability can pose significant risks to any organization or system. One concept that is crucial in this context is behavior-based analysis and detection. This involves analyzing incoming suspicious requests to identify patterns that do not align with normal behavior. When such anomalies are detected, the system can alert administrators to take appropriate action. Another important feature is virtual patching. This technique can block known vulnerabilities at the edge, even before an official patch is released by the vendor. This proactive approach helps mitigate risks while waiting for a formal solution.

Source blocking is a method we employ in our organization to block incoming requests from specific sources based on the type of traffic. This approach helps us effectively identify and filter out malicious or unwanted traffic. By recognizing certain requests as malicious, we can prevent them from reaching our systems. We have blocked specific IP ranges, known malicious URLs, and other sources based on geographical locations, depending on our organization's needs. To strengthen our defenses, we use various filters tailored to our requirements, along with threat intelligence feeds and behavioral patterns. Overall, source blocking plays a crucial role in preventing attacks and enhancing our security posture, especially against brute force attacks originating from known malicious IPs.

Radware Bot Manager, a security tool that helps identify and manage bot traffic and malicious bot attacks, is important for organizations that face heavy traffic loads. Bot Manager helps reduce bot attacks and secure us from threats. I have experience with behavior analytics, custom rules, and the bot detection engine, which focuses on identifying malicious bots and securing APIs from automated abuse.

What I appreciate most about Radware Cloud WAF Service is that it includes all the aspects that an organization wants to run smoothly, such as overall configuration and real-time protection methods, customization of rule creation, fast deployment, and vital visibility in environment maintenance. Its maintenance cost is very low unlike others, and the real-time dashboards show us who is attacking and what types of attacks are happening in our environment or any endpoints or devices being targeted.

I appreciate the real-time protection part, especially against SQL injection and Zero-Day exploits. Radware Cloud WAF Service is beneficial for detecting Zero-Day vulnerabilities before they are exploited by attackers. With a focus on machine learning and AI models, it offers proactive defenses against these vulnerabilities. The WAF utilizes behavior-based analysis to identify anomalous requests and can virtually block known vulnerabilities at the edge before vendor patches are released.

In some cases, if the configuration of rules is too strict or complex, there might be a possibility that genuine traffic gets blocked or considered a false positive. The complexity can be lowered to improve the understanding for users or customers.

I have been using Radware Cloud WAF Service for nearly one year.

I have contacted the customer support of Radware and generally received responses within the scheduled framework, ensuring that my tasks are completed on time. I am quite satisfied with their customer support.

Positive

The initial deployment involves a specific set of stages that are quite transparent. There are several steps we typically encounter during this process. While I wouldn't describe the configuration as overly complex, I would categorize it as moderate in difficulty. I would rate it as moderate. It’s not too challenging, but it does require some attention.

I would rate Radware Cloud WAF Service a nine out of ten.

Our use case for Radware Cloud WAF Service is as a web application firewall. It is a security device or service that monitors, filters, and blocks the traffic between a web application and the Internet to protect it from cyber attacks.

Radware Cloud WAF Service is a ten out of ten for blocking unknown threats and attacks. I am very satisfied. My impressions of the automated analytics for looking at events is ten out of ten.

The automated analytics technique is basically on the next level. It uses artificial intelligence and machine learning to analyze traffic, detecting anomalies, and automating the response to cyber threats in real time. Its proactive threat protection reduces false positive alerts and enhances mitigations.

We use the API discovery feature for API protection, which includes bot mitigation, API protection, and distributed denial of service DDoS protection. The API discovery feature helps us reduce overhead costs by providing a capability to automatically identify and inventory the APIs exposed by the protected web application. API discovery includes endpoint and schema learning, identification of shadow and zombie APIs, behavior analysis, and integration with API security.

We use CDN services offered by Radware Cloud WAF Service together with Akamai for our control delivery network, which connects end users from the nearest location to optimize user experience.

Radware Cloud WAF Service integrations provide a comprehensive view of our web application security by centralizing web logs into the SIEM platform for advanced detection, analysis, and incident response. It allows for correction of WAF events with other data security tools, automating workflows, and improving threat hunting. Integrated SIEM and setting up dashboards and correction rules within the SIEM gives us actionable insights.

The implementation has saved us over 90% of time. For zero-day attacks, it is effective because it uses real-time threat intelligence and machine learning. It applies adaptive behavior analysis to detect anomalies in traffic patterns and generates dynamic security policies. While signature-based detection is used for known threats, Radware's solution also implements positive security models.

The combination of negative and behavioral based positive security models involves broad detection. These combinations allow for policies, thereby avoiding false positives and false negatives. There are supervised and good networks, unsupervised cluster detection, and adaptive learning for action.

The source blocking feature blocks real-time automated cybersecurity threats from malicious IP addresses by correcting security events across multiple protection models. It automatically blocks them from accessing any protected application for a configurable duration.

We use Radware Bot Manager, which provides three-layered protection: preemptive protection that blocks malicious IP addresses and identities, behavioral risk detection with employment scene analyzer to distinguish between human and bot traffic, and options to stop or challenge bots.

Radware Bot Manager has helped in our compliance efforts with a ten out of ten rating. It provides website secure connection and automates protection against threats such as account takeover, credential stuffing, brute force attacks, and payment abuse or spam.

The real-time BLA detection and mitigation affects our threat management positively. Deep tech inspection involves analyzing network traffic flows, and Radware Cloud WAF Service scores ten out of ten. It inspects the actual content of packets to identify, classify, and act upon data and applications in real time.

We use web DDoS protection, specifically the L7 HTTP, which helps us with its AI-powered and behavior-based algorithms to generate signatures in real time and rapidly detect and mitigate L7 DDoS attacks without harm to the organization.

The best features of Radware Cloud WAF Service, which we use on a daily basis, include natural self-cooling properties. Radware offers us advanced and automated features such as continuous traffic learning, adaptive AI-driven policies, and automatic app mapping and API security protection. It also prevents us from zero-day threats, including OWASP Top Ten. 

It is robust and protects our organization from vulnerabilities, including zero-day exploits, bot attacks, and DDoS attacks. Additionally, it offers behavior analysis and provides hybrid deployment flexibility for both on-premises and cloud environments. These are the key benefits of Radware.

Radware Cloud WAF Service has reduced our false positives to over 90%.

In terms of areas for improvement, the price is somewhat high. More use of tools such as AI and ML is needed. AI-powered DDoS defense tools and behavior DDoS protections are in place. They should also improve visibility, control, and user interface. The dashboard needs improvement as some users find it complex.

I have been using Radware Cloud WAF Service for more than two to three years.

I would rate the stability of Radware Cloud WAF Service as good.

For scalability, I would rate it a ten out of ten.

There are 20 to 30 users in my organization working with the solution.

I would rate Radware's support for Cloud WAF Service as top notch.

The deployment of Radware Cloud WAF Service was easy. It took about a month.

The solution does not require any maintenance.

We have seen more than 10% return on investment.

Radware Cloud WAF Service was purchased through a partner. 

In comparison with other WAF software, Radware Cloud WAF Service is at the top level. It provides the best outcome and next-gen detection. I would definitely recommend Radware Cloud WAF Service to other users because as an organization, we use it daily, and the tools provide the best outcome to secure and monitor organization traffic.

I would overall rate Radware Cloud WAF Service a ten out of ten.

My use case for Radware Cloud WAF Service is mostly defending web applications against web application-related attacks, and it is mostly related to bots. I have onboarded multiple websites onto Radware Cloud WAF Service, so by default, it prevents SQL injection, cross-site scripting, and other attacks, and it even detects any bots and fake account creations on our main website.

The best feature in Radware Cloud WAF Service is its bot management, as there are many fake account creations on our website, and this feature is great. I also use Radware Cloud WAF Service for load balancing and DDoS-type attacks, fulfilling multiple use cases.

The effectiveness of automated blocking in the Radware Cloud WAF Service stems from its ability to automatically block known botnets, proxies, and malicious IPs from the global threat intelligence feed, making it highly beneficial. 

Our environment is safe due in part to behavior and anomaly detection, which provides IP-based, subnet-based, and country-based blocking.

I use the automated source blocking feature in Radware Cloud WAF Service. From my experience regarding incoming bot traffic, I discovered there were DDoS attacks in some areas, with multiple botnets being created, which were automatically blocked by Radware Cloud WAF Service due to the recognition of known botnets.

My thoughts on the automated analytics for looking at events in Radware Cloud WAF Service are positive; it learns automatically based on behaviors and threat intelligence IP addresses, blocking anomalies. If an anomaly is found, we get a detection and it is automatically blocked, while the model learns the traffic patterns of onboarded applications, aiding in the fine-tuning of security policies.

I use the API discovery feature for IP blocking. My impressions of the end-to-end API protection within Radware Cloud WAF Service are that both communications are encrypted, providing security during API discovery, which also offers authentication before accessing anything. After successful authentication, it is helpful for access and authentication, as well as traffic prevention.

I use the CDN services offered by Radware together with Cloud WAF Service for load balancing. Using CDN together with Radware Cloud WAF Service is easy, as everything can be implemented at one point, protecting against web application attacks and DDoS attacks. This integration is quite good.

Radware Cloud WAF Service has helped reduce false positives, although I have not encountered many use cases, since we have around seven to ten applications onboarded. We have numerous instances in the prevention of malicious IPs and blocking web attacks, but for false positives, I can say it is about ten to 20 percent.

The real-time BLA detection and mitigation in Radware Cloud WAF Service has affected threat management positively; while it might sometimes trigger false positives, it effectively detects behavior and helps block threats about 50% of the time.

In Radware Cloud WAF Service, areas for improvement include behavioral and anomaly detection, where it could be better by reducing false positives. The AI feature can also improve; while the API is fine, behavioral and anomaly detection sometimes learns automatically from the traffic, potentially triggering false alerts.

I have been using Radware Cloud WAF Service for around two to three years.

Regarding the stability of the solution, I have observed some downtime in the portal, however, not in other respects, so I would rate it a seven out of ten.

I would rate the scalability of Radware Cloud WAF Service a nine out of ten, as it is pretty good.

I would rate the technical support of Radware Cloud WAF Service a seven to eight out of ten.

Positive

My thoughts on Radware Cloud WAF Service's integration with other systems and applications are mostly positive; it's a pretty easy setup, as we just need to provide our applications and get ready to onboard. It is not complicated, and we just need to enable different services.

I am not much aware of the pricing; however, I've seen different WAF pricing, and this seems to be okay, cheaper.

When comparing Radware Cloud WAF Service with other WAF solutions, I find that some features are missing in other companies, which makes Radware Cloud WAF Service different. 

Additionally, the support that Radware Cloud WAF Service provides is good, unlike some others where the support is lacking.

I definitely recommend this product to other users, as it is a good product for those needing to protect their applications from fake account creations and web application attacks. 

On a scale of one to ten, I rate Radware Cloud WAF Service a nine out of ten.