Gartner defines cloud WAAP as a category of security solutions designed to protect web applications irrespective of their hosted locations. Typically delivered as a service, cloud WAAP is offered as a series of security modules that provide protection from a broad range of runtime attacks. It offers protection from the Top 10 web application security risks defined by the Open Web Application Security Project (OWASP) and automated threats, provides API security, and can detect and protect against multiple sophisticated Layer 7 attacks targeted at web applications. Cloud WAAP’s core features include web application firewall (WAF), bot management, distributed denial of service (DDoS) mitigation and API protection.
The market for distributed denial of service (DDoS) mitigation includes vendors that detect and mitigate DDoS attacks and offer it as a dedicated offering. It includes specialty vendors, whose primary focus is DDoS mitigation, as well as providers that offer DDoS mitigation as a feature of other services. These include dedicated appliance-based vendors, communication service providers (CSPs), content delivery network (CDN) vendors, hosting providers and cloud infrastructure and platform services (CIPS) vendors.
Gartner defines “content delivery networks” as highly distributed edge-based cloud delivery platforms that provide the following functionality: content acceleration, API caching, image optimization, streaming video delivery, web application and perimeter security, and edge compute and storage. CDN providers deploy tens to hundreds of caching, storage and compute nodes in owned and third-party data center locations via public and private Internet Protocol networks.