Security pros started widely adopting web application firewalls (WAFs) back in 2006. During the past 10 years, WAF vendors have evolved their products to make them easier to maintain, more effective against automated attack methods such as bots, and more flexible to deploy as applications migrate to the cloud. Security pros should use this report to understand vendors that currently offer WAFs and new functionality that continues to make these products relevant for digital businesses.