Overview

Product video
Check Point WAF as a Service (WAFaaS) is an automated solution that delivers superior benefits of a top-tier Web Application Firewall and API Protection, requiring minimal manual intervention. The AI engine continuously learns the behavior of your application, tracking changes throughout its lifecycle. This ensures a minimal false positive rate and reduces tedious rule tuning after each application change. Check Point WAFaaS delivers a non-agent WAF that can be deployed in less than 15 minutes. Traffic is effortlessly routed through Check Point servers, which automatically issue SSL certificates. Upon redirection, any HTTP requests are intercepted for inspection and forwarded to the application only after validating their security. Check Point WAFaaS is available in advanced and premium packages. Premium include API Discovery and Zero-day file security. The advanced package provides:
- AI-based engines for prevention of Zero-day Attacks and OWASP Top 10 known attacks.
- AI-based contextual analysis engine to ensure precise detection rate with minimal false positives.
- Snort 3.0 signature enforcement engine.
- Advanced DDoS mitigation to ensure your applications stay accessible to legitimate users by mitigating attacks that overwhelm your network, servers, or applications.
- Rate limiting based on identifiers such as IP address and XFF - limited to 5 rules.
- Intrusion Prevention (IPS), over 2,800 Web CVEs, based on award-winning NSS-Certified IPS.
- Include 3 months of full logs retention - based on the fair usage policy.
You are entitled to free usage of 7 days or 1M HTTP requests whatever comes first, after that you will be billed.
Highlights
- Zero-day prevention: Check Point WAFaaS has demonstrated prevention of zero-day exploits across a wide spectrum of security events, including log4shell, text4shell, and MOVEit, all in real-time.
- Deployed within minutes, usage-based pricing: Check Point WAFaaS delivers a non-agent Web application Firewall, deployable within minutes. Requires one-time DNS configuration. The consumption is based on the actual number of requests processed by your applications.
- Prevent DDoS and automated bot attacks: Check Point WAFaaS provides real-time detection and automatic mitigation protection against Distributed Denial of Service (DDoS) attacks and bot-driven assaults.
Details
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide

Financing for AWS Marketplace purchases
Pricing
Dimension | Cost/unit |
|---|---|
First 10M HTTP requests | $1,500.00 |
10M-60M HTTP requests (price per 1M) | $38.00 |
60M-160M HTTP requests (price per 1M) | $22.00 |
160M HTTP requests and above (price per 1M) | $15.00 |
Vendor refund policy
No Refunds.
Custom pricing options
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
https://supportcenter.checkpoint.com/supportcenter/portal 24x7 email support with emergency phone number. Premier support available for enterprise customers.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Customer reviews
Ai-driven cloud security has strengthened threat prevention and improved security posture
What is our primary use case?
The main purpose is to have network security through machine learning, which can offer threat detection and intelligence for my endpoints, and I am looking for application security.
I am looking for an AI-based solution that can strengthen my cloud-native security, automate security, and better prevent threats.
I am looking for an AI-based solution and unified cloud-native security from the SaaS platform to improve my security posture.
What is most valuable?
Check Point WAF (formerly CloudGuard WAF) is a SaaS platform that gives unified cloud-native security across my applications, workloads, and network, allowing me to automate security, prevent threats, ensure compliance, and manage my security posture well across all my cloud environments.
It conducts security scoring and risk scoring, which helps prioritize my security needs, and the advanced threat detection is also very fine, providing actionable information for my current security threats by collecting and analyzing data through threat actors and IOCs, offering tactical, technical, and operational features.
What needs improvement?
The false positive rate is a concern, but I could recommend improvements where false positives have to be minimized better.
This all depends on how the rules are customized and configured, and it can also improve with planning during the initial configuration, including threat intelligence and APIs, so it could enhance how it defends against attacks and prompts injections.
It can find the threat actors behind it, and I find that strategically and technically it is effective, although the AI-related features could improve, especially as global AI capabilities evolve, which are advancing more than what Check Point WAF (formerly CloudGuard WAF) provides compared to competitors.
There are no glitches; I believe improvement could be made primarily in API Gateway and API security, especially by enabling enhanced AI-related features for better fine-tuning.
For how long have I used the solution?
I have experience of two years with the product.
What do I think about the stability of the solution?
It is stable.
What do I think about the scalability of the solution?
It is definitely a highly scalable solution without any doubt.
How are customer service and support?
The customer support is very good.
Which solution did I use previously and why did I switch?
How was the initial setup?
The deployment and initial setup are really straightforward; they provide enough documentation, videos, and deployment documents that are really helpful to complete it faster.
What was our ROI?
The return on investment is very good as it has increased my security posture and the operational efficiency of my engineers.
What's my experience with pricing, setup cost, and licensing?
It is a little bit expensive, but the pricing model is acceptable, though a reduction would make it more competitive with leaders such as Palo Alto.
Which other solutions did I evaluate?
I purchased from a different source.
What other advice do I have?
The configurations are pretty easy, and it is plug-and-play, which gives me regular updates.
I would assess the solution as positive in this regard.
All the integrations are pretty easy through API connectivity, which I can recommend more, and it also helps with modern AI-based vulnerabilities to conduct token tests and improve detection.
I would rate this review a 9 out of 10.
AI-driven protection has strengthened our API security and reduced successful web attacks
What is our primary use case?
What is most valuable?
I believe AI-driven threat detection and prevention capabilities help in identifying, blocking, and responding to application threats more effectively. The AI helps in Check Point WAF (formerly CloudGuard WAF) because it creates a targeted exclusion list based on its learning period. It can detect and stop or prevent threats based on context tuning and historical data.
What needs improvement?
For how long have I used the solution?
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
How are customer service and support?
How was the initial setup?
What other advice do I have?
Despite the complex nature and high price, I think the product is worth buying because it is effective. The configuration is complex, so it is not as easy as with other products. However, I believe it is worth the investment because the security is excellent. For security, Check Point WAF (formerly CloudGuard WAF) is a leader without a doubt. Check Point WAF (formerly CloudGuard WAF) is a very good, highly secure enterprise-level product, but it does have limitations, including the price and the need for trained personnel. I also encounter many errors during HA mode configuration, which can be tricky. I have a hybrid model for deployment. I would rate this review an eight overall.