Sold by: Check Point Software Technologies
Deployed on AWS
Check Point WAF as a Service (WAFaaS) is an AI-based WAF solution delivering the highest protection against known and zero-day threats through advanced AI and IPS signatures. Check Point WAFaaS provides multiple layers of protection: rate limiting, AI engines, IPS signatures, zero-day file security, bot protection. Check Point WAFaaS delivers a non-agent WAF, deployable within minutes, and adds advanced DDoS mitigation. Traffic is seamlessly routed through Check Point servers, which automatically issue SSL certificates.
4.4
Overview
Check Point WAF as a Service (WAFaaS) is an automated solution that delivers superior benefits of a top-tier Web Application Firewall and API Protection, requiring minimal manual intervention. The AI engine continuously learns the behavior of your application, tracking changes throughout its lifecycle. This ensures a minimal false positive rate and reduces tedious rule tuning after each application change. Check Point WAFaaS delivers a non-agent WAF that can be deployed in less than 15 minutes. Traffic is effortlessly routed through Check Point servers, which automatically issue SSL certificates. Upon redirection, any HTTP requests are intercepted for inspection and forwarded to the application only after validating their security. Check Point WAFaaS is available in advanced and premium packages. Premium include API Discovery and Zero-day file security. The advanced package provides:
- AI-based engines for prevention of Zero-day Attacks and OWASP Top 10 known attacks.
- AI-based contextual analysis engine to ensure precise detection rate with minimal false positives.
- Snort 3.0 signature enforcement engine.
- Advanced DDoS mitigation to ensure your applications stay accessible to legitimate users by mitigating attacks that overwhelm your network, servers, or applications.
- Rate limiting based on identifiers such as IP address and XFF - limited to 5 rules.
- Intrusion Prevention (IPS), over 2,800 Web CVEs, based on award-winning NSS-Certified IPS.
- Include 3 months of full logs retention - based on the fair usage policy.
You are entitled to free usage of 7 days or 1M HTTP requests whatever comes first, after that you will be billed.
Highlights
- Zero-day prevention: Check Point WAFaaS has demonstrated prevention of zero-day exploits across a wide spectrum of security events, including log4shell, text4shell, and MOVEit, all in real-time.
- Deployed within minutes, usage-based pricing: Check Point WAFaaS delivers a non-agent Web application Firewall, deployable within minutes. Requires one-time DNS configuration. The consumption is based on the actual number of requests processed by your applications.
- Prevent DDoS and automated bot attacks: Check Point WAFaaS provides real-time detection and automatic mitigation protection against Distributed Denial of Service (DDoS) attacks and bot-driven assaults.
Details
Categories
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/unit |
|---|---|
First 10M HTTP requests | $1,500.00 |
10M-60M HTTP requests (price per 1M) | $38.00 |
60M-160M HTTP requests (price per 1M) | $22.00 |
160M HTTP requests and above (price per 1M) | $15.00 |
Vendor refund policy
No Refunds.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
https://supportcenter.checkpoint.com/supportcenter/portal 24x7 email support with emergency phone number. Premier support available for enterprise customers.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
A single pane-of-glass security management console delivers consistent visibility, policy management, logging, reporting and control across all cloud environments and networks
Check Point Check Point Cloud Firewall is a cloud-native security gateway that delivers automated, advanced threat prevention and multi-layered network security for assets that customers migrate to or store on AWS. Try it free for 30 days.
A single security management console delivers consistent visibility, policy management, logging, reporting and control across all cloud environments and networks
Advanced threat prevention security for AWS and hybrid cloud environments, with Threat Extraction and Threat Emulation, and with GWLB (starting with R81.20)
**Please note: To ensure optimal operations, Check Point recommends a 4 vCores machine size. This provides balanced efficiency and smooth performance, which most customers find ideal for their needs.
Advanced threat prevention security for AWS and hybrid cloud environments, with Threat Extraction and Threat Emulation.
**Please note: To ensure optimal operations, Check Point recommends a 4 vCores machine size. This provides balanced efficiency and smooth performance, which most customers find ideal for their needs.
Customer reviews
Dominika T.
Low False Positives and an Easy Setup from Day One
Reviewed on Jun 17, 2026
Review provided by G2
What do you like best about the product?
I like the most that since beginning of set up the rate of False Positives is significantly lower then in other tools. Also 0 day protection is working well and does not require manual rules updates.
What do you dislike about the product?
There is not enough of technical documentation and also initial set up is complicated. Will be easier if will be more knowledge-base articles available.
What problems is the product solving and how is that benefiting you?
It protect assets in hybrid, cloud and on-premises environments. Allows for Iac for better configuration so it allows to save some time of cloud security engineers.
Alejandro F.
Great UI, Smooth Integration, and Helpful Support
Reviewed on Jun 12, 2026
Review provided by G2
What do you like best about the product?
The user interface is really good, also a good integration and performance on my device. Pricing is okay in the actual market. Always when I had a problem the support team has been helpful. AI integration could be better
What do you dislike about the product?
I will say that the AI integration on Check Point WAF could be better and use more of the Agentic AI but overall the rest is okay so far as I had a great experience overall
What problems is the product solving and how is that benefiting you?
Actually Check Point WAF is solving multiple problems at my company that we had and no other tool was capable of resolving but this one has been able to.
Computer Software
Strong Security and Easy Management for Multi-Cloud App Protection
Reviewed on Jun 09, 2026
Review provided by G2
What do you like best about the product?
It’s a solid combination of strong security and easy management. I also appreciate its cloud-native approach, especially the ability to protect applications across different cloud environments.
What do you dislike about the product?
Compared with some competing WAF solutions, the initial setup and policy-tuning process can feel complicated, particularly for teams that are new to web application security. I’ve also seen users note that troubleshooting false positives may take a significant amount of manual effort, and that the user interface can come across as less intuitive than some cloud-native alternatives.
What problems is the product solving and how is that benefiting you?
It protects web applications and APIs from cyber threats that traditional network firewalls can’t effectively stop. It also helps mitigate attacks such as SQL injection, cross-site scripting (XSS), remote code execution, bot attacks, API abuse, and denial-of-service attempts.
Anonymous
Efficient Threat Management, Tough Learning Curve
Reviewed on Jun 09, 2026
Review provided by G2
What do you like best about the product?
I really like the AI engine in Check Point WAF; it's cool how it automatically handles threats, saving us a lot of time by reducing the false positive rate. This automation allows us to block threats efficiently without impacting the user experience, which is great because the team doesn't waste hours chasing down false alarms.
What do you dislike about the product?
It has a pretty steep learning curve, and the initial config is pretty tough as well, and also the price can sting quite a bit. The documentation needs some work.
What problems is the product solving and how is that benefiting you?
I use Check Point WAF to protect web apps and APIs automatically, reducing manual rule tuning and false positives. The AI engine saves us time by handling threats and automating blocking without impacting user experience.
Otniel V.
Check Point WAF Delivers Strong Protection Against Common Web Attacks
Reviewed on Jun 09, 2026
Review provided by G2
What do you like best about the product?
I believe the best advantage of the Check Point WAF solution is that it offers a strong protection against common web attacks (OWASP Top 10, bots, API threats), which are the most common threats I met.
What do you dislike about the product?
There are no many things to say here, but let’s say that the complex initial setup can be challenging, especially for teams without prior Check Point experience. However, there are a lot of tutorials that will help with this, so I wouldn’t say that it is really a thing I don’t like, just that it’s challenging.
What problems is the product solving and how is that benefiting you?
In my team case, Check Point WAF protects our web applications and APIs from common cyber threats while providing centralized visibility and control. This reduces security risks, improves compliance, and saves time on manual security management.