Un firewall de aplicaciones web (WAF) es un tipo de dispositivo de seguridad especializado en supervisar, filtrar o bloquear el tráfico HTTP hacia y desde una aplicación web.
A web application firewall (WAF) is a type of security device specialized in monitoring, filtering, or blocking HTTP traffic to and from a web application. It differs from a normal firewall in that it can monitor the content of specific web applications, being able to analyze in greater depth, whereas a traditional network firewall can be said to control general traffic between clients and servers, a WAF is of specific purpose when inspecting HTTP traffic a WAF protects web applications against threats such as SQL injection, XSS, CSRF, parameter manipulation among many others.