Advanced – Security Testing
Web Application Firewall (WAF) – ISTQB Definition
Last Updated: July 12, 2026 · SoftwareTestPilot QA Team
Official ISTQB Definition
A firewall that filters, monitors, and blocks HTTP traffic to and from a web application, protecting against attacks like SQL injection and XSS.
In simple words
A firewall specifically for web app traffic that blocks known attack patterns.
Exam tip
Test WAF rules with intentional attack payloads in a safe environment — verify blocks and logs.
Related terms
Practice this term in the ISTQB Mock Test
40 CTFL v4.0 questions, 60-minute timer, instant scoring and chapter-wise breakdown.
Practice in Mock Test