F5 Web Application Firewall (WAF) Integration with AWS Is Available Today

Dave Morrissey Thumbnail
Dave Morrissey
Published April 24, 2023

I’m excited to share that F5 announced today that it has achieved the AWS WAF Ready designation, part of the Amazon Web Services (AWS) Service Ready Program. This designation recognizes that F5 has demonstrated successful integration with AWS WAF. Here are the details on AWS partner marketplace.

Achieving the AWS WAF Ready designation differentiates F5 as an AWS Partner Network (APN) member with a fully supported product integrating with AWS WAF. AWS Service Ready Partners have demonstrated success building products integrated with AWS services, helping AWS customers evaluate and use their technology productively, at scale, and with varying levels of complexity.

AWS WAF Delivery Partners are AWS Partners who implement AWS WAF to protect web applications from common web exploits that could compromise security, affect application availability, or result in the consumption of excessive resources. By working with an AWS WAF Delivery Partner, you can increase the security of your web applications with custom rules to block common attack patterns like SQL injection or cross-site scripting.

AWS WAF Software Partners offer customers a simple solution to deploying and maintaining their application layer security solution. AWS WAF software products provide distinct WAF rule sets and mitigation tools that customers can choose depending on their specific application use case, including Web Exploits OWASP, API security, CVE, and bot protection. Solution details, pricing, support, customer reviews, and rule sets can all be found here.

Product Overview

F5's Managed Rules for AWS WAF offer an additional layer of protection that can be easily applied to your AWS WAF. F5 has four variations, including F5 Web Exploits OWASP for AWS WAF, which can be found in the AWS Marketplace, to help your organization guard against attacks that are part of the OWASP Top 10 threats, including cross-site scripting, SQL injection, path traversal, and predictable resource. It offers integration with AWS WAF that makes it easy to deploy, in just a few clicks, without changes to your infrastructure. F5 Web Exploits OWASP for AWS WAF also offers rules that are written, managed, and updated regularly by F5 security experts, so you never need to worry about manually updating versions to protect against emerging vulnerabilities. Step-by-step deployment guidance can be found here.

Solution Highlights

  • Easily Enhance Security - No security expertise needed, simply attach rules to your AWS WAF instances to immediately bolster protection.
  • Continuously Updated - Rule sets are monitored, maintained, and updated by F5's security experts to ensure protection against evolving threats.
  • Fast and Simple Deployment - Attach F5's WAF rules to your AWS WAF instance in a matter of minutes, following three simple deployment steps.

F5 Advanced WAF – A More Sophisticated WAF Security Option

Alternatively, if you require more sophisticated protection, F5 Distributed Cloud Services ( or F5 Advanced WAF may be a more appropriate solution, or may be used in conjunction for layered security. Leveraging behavioral analytics, machine learning, and deep app expertise to thwart complex attacks such as L7 DDoS, simple automated bot threats, and API protocol attacks, F5 Advanced WAF affords apps and data unrivaled protection.

F5 Advanced WAF is an industry-leading web application firewall virtual appliance providing comprehensive protection for your websites, mobile apps, and APIs. Behavioral analytics, automated learning capabilities, and risk-based policies enable F5 Advanced WAF in securing applications against threats including application-layer attacks, malicious bot traffic, all OWASP top 10 threats, and API protocol vulnerabilities, while also including IP Intelligence threat feeds plus Threat Campaigns.

Via SaaS, F5 Distributed Cloud WAAP enables users to deploy, connect, secure, and operate applications across AWS, private data centers, on-premises networks, and edge clouds. Distributed Cloud Services provide a variety of app-to-app networking and security capabilities that include a router, bot protection, L3-L7 DDoS defense, load balancer, network firewall, web app firewall (WAF), API security, and API gateway into a single software stack and management portal.

This offering includes a free, full-featured 30-day trial as well as access to F5 premium support.

For sales inquiries, contact our sales organization here, and for all other general inquiries, email F5 at: