Our primary use case is protecting public facing web applications and APIs against OWASP Top 10 threats and automated attacks. Fortinet FortiWeb Cloud WAF-as-a-Service was used to protect a customer facing web application exposed to the internet. It helped detect and block malicious requests such as SQL injection and bot-driven traffic without impacting legitimate users.
Network and Security Engineer (Contractor) at Clymora Technology Limited
Real User
Top 5
Nov 21, 2025
Fortinet FortiWeb Cloud WAF-as-a-Service protects our customers' websites, including e-commerce sites, normal websites, and web applications. I can provide a quick example of a customer website where we protect an e-commerce site, especially in Kenya where WAFs are mostly used in banks to meet the PCI DSS standard. The service blocks attacks like cross-site scripting and DDoS, as well as all website-related attacks. Fortinet FortiWeb Cloud WAF-as-a-Service helps protect against many attacks related to web applications, including SQL injection and misconfigurations from customers that lead to vulnerabilities like denial of service and attempts to exfiltrate sensitive data, particularly for banks.
Principal Network Architect at a financial services firm with 201-500 employees
Real User
Top 10
Apr 11, 2025
We use Fortinet FortiWeb Cloud WAF-as-a-Service situated in front of our web-facing APIs. This includes everything that is customer-facing, business-to-business APIs, and things like that.
IT Specialist at a manufacturing company with 10,001+ employees
Real User
Top 5
Jan 14, 2025
I use it for all the applications in my company that need external access. I route the traffic to FortiWeb first, and after this, I direct it to the cloud or on-premises solutions.
Learn what your peers think about Fortinet FortiWeb Cloud WAF-as-a-Service. Get advice and tips from experienced pros sharing their opinions. Updated: February 2026.
Fortinet FortiWeb Cloud WAF-as-a-Service provides cloud-based web application protection, ensuring businesses secure their web apps against threats without hardware management, offering dynamic scalability and threat intelligence. Fortinet FortiWeb Cloud WAF-as-a-Service offers an advanced security platform that effectively protects web applications from cyber threats by leveraging comprehensive threat intelligence and efficient traffic management. Its cloud-native architecture facilitates...
Our primary use case is protecting public facing web applications and APIs against OWASP Top 10 threats and automated attacks. Fortinet FortiWeb Cloud WAF-as-a-Service was used to protect a customer facing web application exposed to the internet. It helped detect and block malicious requests such as SQL injection and bot-driven traffic without impacting legitimate users.
Fortinet FortiWeb Cloud WAF-as-a-Service protects our customers' websites, including e-commerce sites, normal websites, and web applications. I can provide a quick example of a customer website where we protect an e-commerce site, especially in Kenya where WAFs are mostly used in banks to meet the PCI DSS standard. The service blocks attacks like cross-site scripting and DDoS, as well as all website-related attacks. Fortinet FortiWeb Cloud WAF-as-a-Service helps protect against many attacks related to web applications, including SQL injection and misconfigurations from customers that lead to vulnerabilities like denial of service and attempts to exfiltrate sensitive data, particularly for banks.
We use Fortinet FortiWeb Cloud WAF-as-a-Service situated in front of our web-facing APIs. This includes everything that is customer-facing, business-to-business APIs, and things like that.
I use it for all the applications in my company that need external access. I route the traffic to FortiWeb first, and after this, I direct it to the cloud or on-premises solutions.