The main use case my organization has for Radware Cloud WAF Service is the protection of websites. A concrete example of how my organization uses Radware Cloud WAF Service to protect these websites is that the platform is protected by hardware against attacks such as SQL Injection.
Radware Cloud WAF
RadwareExternal reviews
177 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Cloud security has protected our client websites and blocks injection and zero‑day attacks
What is our primary use case?
What is most valuable?
Radware Cloud WAF Service is very good, and there are various features such as DDoS for blocking mass attacks. The best features offered by Radware Cloud WAF Service include that it is SaaS. The features I consider to be the best include a user-friendly interface, very good support, fast response times, and very advanced tools for blocking Zero-day attacks. The positive impact of Radware Cloud WAF Service on my organization is the defense of the websites of our clients, since hackers constantly attack the websites and Radware Cloud WAF Service protects our websites. Since using Radware Cloud WAF Service, we have experienced measurable benefits such as the blocking of SQL Injection, XSS, RFI, LFI, and various injection attacks.
What needs improvement?
An aspect that could be improved in Radware Cloud WAF Service is having more reports. I would prefer that part to be improved by having the data presented in charts and more visual dashboards in order to have a more accurate analysis of what is happening in real time.
For how long have I used the solution?
I have been using Radware Cloud WAF Service for two years.
What do I think about the stability of the solution?
I consider Radware Cloud WAF Service to be a stable solution.
What do I think about the scalability of the solution?
I have not needed to scale the initial service yet, as it still meets my needs.
How are customer service and support?
I would rate Radware's customer support for Radware Cloud WAF Service as very good. On a scale from one to ten, I would rate customer support a ten.
Which solution did I use previously and why did I switch?
We used other solutions before Radware Cloud WAF Service, and then we migrated to Radware.
Which other solutions did I evaluate?
Before choosing Radware Cloud WAF Service, we evaluated other options, considering it being SaaS in the cloud because of the ease of configuration and maintenance.
What other advice do I have?
I rate Radware Cloud WAF Service a ten overall. I give it a ten because I appreciate the platform, the support, the blocking capabilities of the tool, the features, the infrastructure, and the ease of use. I would advise other professionals considering using Radware Cloud WAF Service that it is very good, very fast, and very simple to understand and configure, although I do not have information about the price.
Strong Protection Against Bots, Scanners, and DDoS
What do you like best about the product?
credential stuffing bots
scraping bots
vulnerability scanners
DDoS botnets
scraping bots
vulnerability scanners
DDoS botnets
What do you dislike about the product?
Complex Initial Setup
Reporting and Analytics Could Be Better
Steep Learning Curve
Pricing Can Be High
Reporting and Analytics Could Be Better
Steep Learning Curve
Pricing Can Be High
What problems is the product solving and how is that benefiting you?
Load Balancing
User-Friendly Platform with Clear, Thorough Device Configuration Guidance
What do you like best about the product?
The platform is user-friendly, and the graphical interfaces are easy to understand and use. The operating logic is comprehensive, and the device configuration is explained clearly and thoroughly in the operating manual provided by the vendor.
What do you dislike about the product?
Sometimes certain policy configuration dynamics are difficult to implement for users with little operational experience.
What problems is the product solving and how is that benefiting you?
It certainly provides effective protection against application-based attacks, which is essential for a company whose business model is based on an online application.
Intuitive Dashboards and Real-Time Monitoring with Clear Security Insights
What do you like best about the product?
The intuitive dashboards and real-time monitoring provide clear, easy-to-understand insights into both traffic and potential threats.
What do you dislike about the product?
The service feels expensive, which may not be a good fit for smaller, budget-conscious organizations.
What problems is the product solving and how is that benefiting you?
It protects web applications and APIs from sophisticated, evolving threats, including OWASP Top 10 risks, zero-day attacks, API threats, and DDoS.
Detailed control over web traffic and threats
What do you like best about the product?
The fact that Radware Cloud WAF provides such a great degree of control over application security policies is what I like most about it. I use it every day in our online business of retailing products to secure the checkout processes and the customer accounts. The number of features enables us to develop granular rules of various endpoints and user behaviors. Due to its usage frequency, it has become a fixed stack in our security stack. I also like the attack logs, which are detailed, and are useful during internal security analysis and audits.
What do you dislike about the product?
The reliance on the experienced staff is another problem. Some of the policy behaviors and log details cannot be comprehensible without advanced knowledge. The features are strong and may bewilder the less experienced analysts. The lack of knowledge may extend the response time due to its frequent use. This made us invest further in special training which made our process of dealing with our cybersecurity team more costly.
What problems is the product solving and how is that benefiting you?
It is dealing with the current menace of web attacks against our public applications. Prior to the adoption, we had experienced frequent bot traffic and attempted injection attacks on our customer portal. Protection policies are now regular and organized with regular usage frequency. The list of features enables us to use layered defenses on APIs and login systems. This has minimized emergency security increases and enhanced confidence between IT and executive management.
Powerful, Adaptive Security with Seamless Integration and Strong Support
What do you like best about the product?
Powerful and Adaptive Security Protection, Ease of Use and Operational Efficiency, Flexible Deployment and Seamless Integration, High-Quality Customer Support
What do you dislike about the product?
User Experience & Management,Configuration and UI Complexity, Slow Management Operations: Security & Support Concerns: History of WAF Bypass Vulnerabilities.
What problems is the product solving and how is that benefiting you?
Overwhelming Complexity and Sophistication of Modern Web Threats
Protection from Advanced and Zero-Day Attacks:
Security Gaps and Inefficiency in Hybrid and Multi-Cloud Environments
High Operational Overhead and Alert Fatigue
Protection from Advanced and Zero-Day Attacks:
Security Gaps and Inefficiency in Hybrid and Multi-Cloud Environments
High Operational Overhead and Alert Fatigue
Clean, Modern Web UI That Makes Status and Metrics Easy to Visualize
What do you like best about the product?
The Web interface is now very clean and has a modern look. It's quite easy to visualize app status, expiring certs as well as general metrics and indicators.
What do you dislike about the product?
There has been a recent period where admin portals were under migration or some kind of merge, which cause a bit of confusion.
What problems is the product solving and how is that benefiting you?
Protecting our perimeter Web sites, which we have in a certain amount.
Easy and Effective Securing of Our Applications
What do you like best about the product?
I really appreciate the efficiency of Radware Cloud WAF in protecting applications. Its ease of use is a big advantage, as is the availability of technical support, which makes the onboarding process quite easy.
What do you dislike about the product?
There are certain bugs in the admin console that can be improved. Sometimes, the admin console does not show the settings that are actually applied.
What problems is the product solving and how is that benefiting you?
I use Radware Cloud WAF to protect our online applications against attacks and data exfiltration attempts, as well as for DDOS protection.
Adaptive ML Protection with 24/7 SOC Support in One Cloud Platform
What do you like best about the product?
From a customer perspective, the behavioral-based detection and machine learning capabilities make a clear, noticeable difference. The platform adapts to our application traffic patterns, which has significantly reduced false positives compared with the more static, rule-heavy WAF solutions we’ve used in the past. As a result, we spend less time tuning policies and more time focusing on strategic security initiatives.
Another major advantage is the fully managed service model. The 24/7 SOC support and proactive monitoring give us confidence that threats are being addressed in real time, even outside of business hours. That level of responsiveness is critical for protecting customer-facing applications.
We also appreciate the integrated approach. Having WAF, API protection, bot mitigation, and L7 DDoS protection consolidated into a single cloud platform simplifies our architecture and vendor management. It has improved visibility and reduced complexity across our security stack.
Overall, Radware Cloud WAF delivers effective protection with strong operational efficiency, which is exactly what we were looking for.
Another major advantage is the fully managed service model. The 24/7 SOC support and proactive monitoring give us confidence that threats are being addressed in real time, even outside of business hours. That level of responsiveness is critical for protecting customer-facing applications.
We also appreciate the integrated approach. Having WAF, API protection, bot mitigation, and L7 DDoS protection consolidated into a single cloud platform simplifies our architecture and vendor management. It has improved visibility and reduced complexity across our security stack.
Overall, Radware Cloud WAF delivers effective protection with strong operational efficiency, which is exactly what we were looking for.
What do you dislike about the product?
One challenge is the platform’s learning curve and overall complexity. Configuring fine-tuned policies and fully understanding the feature set takes time and expertise. For teams without dedicated WAF specialists, getting the most out of advanced controls (such as customized behavioral policies or bot-mitigation tuning) can be resource-intensive.
Another concern is visibility and the reporting experience. While Radware provides robust telemetry, some users find the dashboards and analytics less intuitive and harder to tailor to business-specific reporting needs than competing tools with more user-friendly UIs. As a result, incident analysis and executive reporting can take longer than expected.
A third point is alert volume and the tuning overhead early in deployment. Even though machine learning can reduce false positives over time, the initial tuning phase may generate a high number of alerts that still require manual review, which can be burdensome for lean teams.
Finally, because this is a managed cloud service, there is less direct control over the underlying infrastructure and rule engines than with self-hosted or appliance-based options. For customers who want tight control over every aspect of policy deployment and performance optimization, this service model may feel somewhat restrictive.
Another concern is visibility and the reporting experience. While Radware provides robust telemetry, some users find the dashboards and analytics less intuitive and harder to tailor to business-specific reporting needs than competing tools with more user-friendly UIs. As a result, incident analysis and executive reporting can take longer than expected.
A third point is alert volume and the tuning overhead early in deployment. Even though machine learning can reduce false positives over time, the initial tuning phase may generate a high number of alerts that still require manual review, which can be burdensome for lean teams.
Finally, because this is a managed cloud service, there is less direct control over the underlying infrastructure and rule engines than with self-hosted or appliance-based options. For customers who want tight control over every aspect of policy deployment and performance optimization, this service model may feel somewhat restrictive.
What problems is the product solving and how is that benefiting you?
Ease of Use:
The platform delivers comprehensive protection, but the interface can feel complex at first. If you’re already familiar with web application security concepts, it’s manageable. For less experienced users, some menus and options take time to understand and navigate confidently. Usability improves noticeably once you’ve spent time in the platform, but it isn’t immediately intuitive.
Ease of Implementation:
Implementation was straightforward for the basics, such as pointing DNS and enabling protection. That said, fine-tuning policies to match our application’s normal behavior took more effort than we initially expected. The initial setup phase also ran longer than planned because we focused on minimizing false positives.
Customer Support:
Radware’s customer support and managed service responsiveness have been strong. The 24/7 support model, along with proactive monitoring, helps ensure issues are addressed quickly. When we had questions about specific attack types or needed policy recommendations, their team provided timely, practical guidance.
Frequency of Use:
We use the platform regularly, mainly to review alerts, adjust policies, and check reports. Our security team accesses the dashboard daily, and the alerting cadence has become more reasonable as the system has adapted to our traffic patterns.
Number of Features:
Radware Cloud WAF includes a broad feature set, including core WAF protections, API security, bot mitigation, L7 DDoS protection, and behavioral analytics. The overall feature list is extensive and aligns well with enterprise security requirements. Some of the more advanced capabilities, such as detailed behavioral policies, become especially valuable once you understand how to use them.
Ease of Integration:
Integration with our DNS, SIEM, and monitoring stack has been solid. We did need to adjust some internal workflows to fit Radware’s event formats, but the available APIs and documentation made that workable. Overall, we didn’t run into any major blockers during integration.
Problems It Is Solving and the Benefit:
Radware Cloud WAF addresses several key challenges for us. It blocks application-layer attacks (e.g., OWASP Top 10) in real time, which reduces risk without requiring constant manual intervention. Its behavioral learning and adaptive policies help reduce false positives over time, increasing confidence in alerts and cutting down on noisy events. The managed service model also means expert support is monitoring and tuning in the background, which reduces the operational burden on our internal team. In addition, the integrated bot mitigation and API security help protect against automated abuse and API-targeted threats that our legacy tools didn’t handle well.
Overall, the solution strengthens our security posture, reduces manual workload, and improves visibility into application threats that we previously lacked. There is a learning curve and some complexity in policy management, but for us the operational and security benefits outweigh those challenges.
The platform delivers comprehensive protection, but the interface can feel complex at first. If you’re already familiar with web application security concepts, it’s manageable. For less experienced users, some menus and options take time to understand and navigate confidently. Usability improves noticeably once you’ve spent time in the platform, but it isn’t immediately intuitive.
Ease of Implementation:
Implementation was straightforward for the basics, such as pointing DNS and enabling protection. That said, fine-tuning policies to match our application’s normal behavior took more effort than we initially expected. The initial setup phase also ran longer than planned because we focused on minimizing false positives.
Customer Support:
Radware’s customer support and managed service responsiveness have been strong. The 24/7 support model, along with proactive monitoring, helps ensure issues are addressed quickly. When we had questions about specific attack types or needed policy recommendations, their team provided timely, practical guidance.
Frequency of Use:
We use the platform regularly, mainly to review alerts, adjust policies, and check reports. Our security team accesses the dashboard daily, and the alerting cadence has become more reasonable as the system has adapted to our traffic patterns.
Number of Features:
Radware Cloud WAF includes a broad feature set, including core WAF protections, API security, bot mitigation, L7 DDoS protection, and behavioral analytics. The overall feature list is extensive and aligns well with enterprise security requirements. Some of the more advanced capabilities, such as detailed behavioral policies, become especially valuable once you understand how to use them.
Ease of Integration:
Integration with our DNS, SIEM, and monitoring stack has been solid. We did need to adjust some internal workflows to fit Radware’s event formats, but the available APIs and documentation made that workable. Overall, we didn’t run into any major blockers during integration.
Problems It Is Solving and the Benefit:
Radware Cloud WAF addresses several key challenges for us. It blocks application-layer attacks (e.g., OWASP Top 10) in real time, which reduces risk without requiring constant manual intervention. Its behavioral learning and adaptive policies help reduce false positives over time, increasing confidence in alerts and cutting down on noisy events. The managed service model also means expert support is monitoring and tuning in the background, which reduces the operational burden on our internal team. In addition, the integrated bot mitigation and API security help protect against automated abuse and API-targeted threats that our legacy tools didn’t handle well.
Overall, the solution strengthens our security posture, reduces manual workload, and improves visibility into application threats that we previously lacked. There is a learning curve and some complexity in policy management, but for us the operational and security benefits outweigh those challenges.
Advanced protections have blocked most web attacks and now simplify daily threat management
What is our primary use case?
I use Radware Cloud WAF Service to protect customers from cyber attacks, mostly SQL injections, cross-site scripting, and degradation with DDoS attacks.
Almost every day, cyber attackers are trying to disrupt the correct functionality of the application for our customers, so I review the console in Radware Cloud WAF Service, searching for strange behavior. If I see something that is not in place, I mostly block via geolocation or IP address or by activating the advanced protection from the applications in the tenant for the customers.
Mostly, I also create different types of rules with Radware Cloud WAF Service, varying from redirections to blacklisting, to whitelisting, exceptions, rate limiting, and others to better protect the customers.
What is most valuable?
The best features Radware Cloud WAF Service offers are mostly the advanced protections because you only need to activate them, and they protect against a lot of today's most common OWASP attacks.
The advanced protections help me in my day-to-day work with Radware Cloud WAF Service because they are very effective as they attack mostly the OWASP Top 10, and they are easy to use because you only need to activate them, and by default, they block a vast gamut of cyber attacks today.
Before our customers purchased Radware Cloud WAF Service, they had a lot of breaches in their network, and after, we successfully lowered the attack rates, and by that, we protect their applications better.
Before Radware Cloud WAF Service, our customers had almost four or five million requests, and they were not always clean, but now with Radware Cloud WAF Service, we see that we block almost 95 or 96 percent of the attacks that we are receiving.
What needs improvement?
I think the things I want to improve in Radware Cloud WAF Service are, for example, the possibility to upload CSV files with IOCs, so we can load a lot of IOCs in one load instead of loading them one by one manually.
I also want the possibility of seeing traffic in real time because I only see a dashboard with the security events, but in regards to real time, I don't see something that tells me how the traffic behavior is.
For how long have I used the solution?
I have been using Radware Cloud WAF Service for almost three years now.
What do I think about the stability of the solution?
Radware Cloud WAF Service is mostly stable.
What do I think about the scalability of the solution?
I think Radware Cloud WAF Service scales pretty well because we add more applications or users, and we don't have a problem with that.
How are customer service and support?
I have a good experience with customer support for Radware Cloud WAF Service; they tend to respond quickly to our cases and they help us really well with the cases.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I used Cloudflare and Imperva before Radware Cloud WAF Service, and we switched mostly because the security in Radware Cloud WAF Service console is easier to administrate than in the other providers.
What was our ROI?
Unfortunately, I don't have metrics for return on investment because I only administrate the console.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing for Radware Cloud WAF Service is good.
Which other solutions did I evaluate?
I evaluated Cloudflare and Imperva before choosing Radware Cloud WAF Service.
What other advice do I have?
I invite others looking into using Radware Cloud WAF Service to try it and see all the different protections that the console can provide. I would rate this solution an 8 out of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
showing 11 - 20