Web vulnerabilities and exploits have become more risky to enterprises that are accessible on the internet. Web Application Firewall is required to mitigate various threats, however historically enterprises bear expensive hardware on-premises to protect web server from web attacks. Why cloud-based WAF? There are acquisitions occurring that certain web servers are not protected. This is because protected targets are not being on the same premises as the physical WAF. The enterprises are moving their operations to the cloud. The boundaries of physical WAF’s protection are limited to cover all users in today’s modern network environment. Cloud-based WAF enables enterprises to protect web servers across a broad spectrum regardless of locations. Cloud-based WAF performs the filtering before the traffic reaches to web server. Web servers are protected by cloud-based WAF to change DNS records directed toward cloud-based WAF address. All traffic is diverted to the cloud-based WAF, filtered and sent directly to the origin servers. This allows to any web servers to be filtered quickly and apply the same or a similar security policy. Benefit of cloud-based WAF Cloud-based WAF allows filtering web threats and combining policy rule to gather information from malicious traffic by threat intelligence. Cloud-based WAF enables to create and apply the custom rules easily in the cloud and policies and custom rules are applied to other sites with DNS changes. It gives users flexibility and agility. Cloud implementations are perfect when the services are not hosted in a facility it controls. It allows minimal touch implementation by requiring DNS change only to start working.