Next-Generation Web Application Firewall

Signal Sciences Next-Gen Web Application Firewall (WAF) provides flexible, scalable and accurate protection for your modern web applications, APIs and microservices.

How it works

As one of the first teams to go through the shift to cloud and DevOps, we know how modern software is built today, so we created a unique, next-generation approach to web application protection. Our Next-Gen WAF (NGWAF) is designed to handle the challenges from both DevOps and the Cloud.

Installing directly on your web server itself, our lightweight next-gen WAF module uses a safe, fail-open architecture to communicate with our local agent. This allows for a fast, reliable, and secure asynchronous connection to a proprietary cloud decision engine, ensuring that your customer traffic remains stable and secure—no matter what.

Next-Gen Benefits

Easy to Deploy

A simple one-line configuration change to your web server and your sites are covered in minutes. Our next-gen WAF is platform agnostic and and can be deployed in any IaaS, PaaS, container, cloud, or traditional data center.


"Dropping in Signal Sciences was trivial and was so easy from an operations perspective!"

George Bashi

Operations Manager @ Yelp Eat24

It's Fast

Our next-gen WAF is lightweight to guarantee performance SLAs so your site runs the way you built it to run: fast.


Chef Software relies on us for web app security at the speed of DevOps.  Learn why chef

Reliable and Accurate Decisions

95% of our customers are in full blocking mode for their production sites. We analyze over 100 billion requests per week and continually improve our detection and decision engine so you don’t see false positives.

Unparalleled Scalability

Our software scales elastically with your web servers whether in containers, on-prem or in the cloud. No need to configure virtual or physical appliances as your infrastructure changes or as traffic spikes.

Intelligence = Less Noise

Our powerful cloud decision engine looks at patterns across your sites to determine what are actual attacks versus noise. You’re only alerted when something really deserves your attention.

Designed to operate wherever your applications live

Modern Attack Protection
  • OWASP Top 10
  • Application DoS
  • Brute force attacks
  • Sensitive business logic attacks
  • Request rate limiting
  • Account takeover attacks
  • Bad bots
  • Virtual patching
Modern Web Server Support
  • NGINX
  • NGINX Plus
  • Apache
  • IIS
Language Support
  • .NET
  • Java
  • NodeJS
  • Go
  • Scala
  • PHP
  • C#
  • Python
  • Ruby