Azure cloud provides web application security by adding Web Application Firewall (WAF) to Azure application gateway service. This is a virtual machine appliance from a third party in the Azure marketplace which offers Layer-7 security and can be added to application gateway to perform application layer inspection:
A typical WAF solution protects you against:
- SQL injection
- XSS (Cross-site scripting)
- Common web attacks
- HTTP protocol violations and anomalies
- Distributed Denial of service (DDoS)
- Botnets and Scanners
- Common IIS and Apache misconfigurations