Companies that use AWS WAF

Analyzed and validated by Henley Wing Chiu ยท Updated
All โ€บ web application firewall โ€บ AWS WAF

AWS WAF We detected 1,072 companies using AWS WAF and 63 customers with upcoming renewal in the next 3 months. The most common industry is Hospitality (12%) and the most common company size is 51-200 employees (27%). We find new customers by detecting JavaScript snippets or configurations on customer websites. Note: We only track companies that have AWS WAF in front of their marketing/corporate website. We also track companies that use AWS for back-end services separately here

โฑ๏ธ Data is delayed by 1 month. To show real-time data, sign up for a free trial or login
Company Employees Industry Country Region Usage Start Date
GlobalData Plc 1,001โ€“5,000 Information Services
United Kingdom
Europe 2026-06-08
LiSEC Austria GmbH 1,001โ€“5,000 Machinery Manufacturing
Austria
Europe 2026-06-06
NSW Athletics 11โ€“50 Spectator Sports
Australia
Oceania 2026-06-06
Ice Hockey Australia 11โ€“50 Spectator Sports
Australia
Oceania 2026-06-05
IllustrationX 11โ€“50 Advertising Services
United States
North America 2026-06-05
CWS Platform Brasil 51โ€“200 Software Development
Brazil
South America 2026-06-04
Singapore Sailing Federation 11โ€“50 Spectator Sports
Singapore
Asia 2026-06-04
Hockey Victoria 11โ€“50 Spectator Sports
Australia
Oceania 2026-06-04
Flybondi.com 1,001โ€“5,000 Airlines and Aviation
Argentina
South America 2026-06-04
Adelaide University Sport & Fitness 11โ€“50 Spectator Sports
Australia
Oceania 2026-06-04
Hockey NSW 11โ€“50 Spectator Sports
Australia
Oceania 2026-06-04
Volleyball New South Wales 11โ€“50 Spectator Sports
Australia
Oceania 2026-06-04
Bioenergy Australia 11โ€“50 Renewable Energy Semiconductor Manufacturing
Australia
Oceania 2026-06-04
Diving Australia Limited 11โ€“50 Spectator Sports
Australia
Oceania 2026-06-03
Softball Australia 11โ€“50 Spectator Sports
Australia
Oceania 2026-06-03
Vilgain 201โ€“500 Food and Beverage Manufacturing
Czech Republic
Europe 2026-06-03
Scouts NSW 10,001+ Non-profit Organizations
Australia
Oceania 2026-06-03
Singapore Gymnastics 11โ€“50 Spectator Sports
Singapore
Asia 2026-06-03
Snow Australia 11โ€“50 Spectator Sports
Australia
Oceania 2026-06-02
Aktin 51โ€“200 Health, Wellness & Fitness
Czech Republic
Europe 2026-06-02
Showing 1-20

New Users (Companies) Detected Over Time

i

Market Insights

๐Ÿข Top Industries

Hospitality 96 (12%)
Spectator Sports 54 (7%)
Technology, Information and Internet 46 (6%)
Software Development 41 (5%)
Retail 40 (5%)

๐Ÿ“ Company Size Distribution

51-200 employees 277 (27%)
11-50 employees 256 (25%)
2-10 employees 235 (23%)
201-500 employees 109 (11%)
501-1,000 employees 60 (6%)

๐Ÿ“Š Who usually uses AWS WAF and for what use cases?

Source: Analysis of job postings that mention AWS WAF (using the Bloomberry Jobs API)

Job titles that mention AWS WAF
i
Job Title
Share
Security Engineer
22%
DevOps Engineer / SRE
18%
Cloud Security Architect
15%
Director of Security
12%
My analysis shows that AWS WAF purchasing decisions are primarily driven by security leadership, with Directors of Security (12%), VPs of Security (8%), and other C-level security executives comprising about 20% of these roles. However, I noticed something distinctive: the technical practitioners who will implement and manage WAF often have significant input in the buying process, as evidenced by the high percentage of Security Engineer (22%) and Cloud Security Architect (15%) positions mentioning AWS WAF expertise as a requirement. These organizations are prioritizing candidates who can balance strategic security governance with hands-on technical execution.

Day-to-day AWS WAF users are predominantly Security Engineers and DevOps practitioners who perform hands-on tasks like configuring and tuning WAF policies, managing rule sets, analyzing web traffic patterns, and integrating WAF into CI/CD pipelines. I found these roles frequently involve responding to OWASP Top 10 threats, mitigating bot attacks and DDoS attempts, conducting threat modeling, and collaborating with application development teams to implement protective controls without disrupting legitimate traffic.

The pain points revealed across these postings center on achieving security at scale while maintaining agility. Companies repeatedly emphasize needs like "proactive threat detection," "24/7 protection for global enterprise," and "balancing operational risk and security posture." One posting specifically mentioned the challenge of moving from "people-driven security" to "automated, scalable protection," while another highlighted the need to "reduce false positives" and "mature protection policies." These organizations are clearly seeking to embed security into fast-moving development cycles without becoming bottlenecks.

๐Ÿ‘ฅ What types of companies use AWS WAF?

Source: Analysis of Linkedin bios of 1,072 companies that use AWS WAF

Company Characteristics
i
Trait
Likelihood
Funding Stage: Series D
135.5x
Country: Thailand
47.0x
Funding Stage: Series B
24.5x
Funding Stage: Series A
17.0x
Country: Japan
16.8x
Industry: Spectator Sports
12.4x
I noticed AWS WAF attracts an incredibly diverse set of companies, but several patterns emerge. There's a strong concentration of consumer-facing businesses that handle direct transactions and personal data: holiday cottage agencies managing bookings across the UK, real estate platforms like Compass connecting buyers and sellers, meal delivery services like Calo, and e-commerce companies like Souq.com. Media and publishing companies also feature prominently, from JMIR Publications to Trustpilot to Animation Magazine. What ties them together is that they're all operating digital platforms where customers interact directly with their services online.

The maturity levels vary widely. I see established enterprises with 70+ years of history like Grupo Q and Royal Garden Hotel alongside Series B startups like Calo and HeyJobs. Many fall into a middle category: profitable, growing businesses with 50-500 employees that have moved past startup chaos but aren't massive corporations. The holiday cottage agencies, regional insurance companies, and boutique hotels represent this sweet spot of established-but-growing businesses.

๐Ÿ”ง What other technologies do AWS WAF customers also use?

Source: Analysis of tech stacks from 1,072 companies that use AWS WAF

Commonly Paired Technologies
i
Technology
Likelihood
652.0x
328.5x
108.9x
38.7x
24.8x
21.7x
I noticed that AWS WAF users are primarily e-commerce and digital commerce companies with significant fraud and security concerns. The presence of Forter, a fraud prevention platform that appears 328 times more often, combined with Criteo for ad retargeting, tells me these are companies handling high-volume online transactions where both security and customer acquisition are critical business priorities.

The pairing of AWS WAF with Forter makes perfect sense because companies worried enough about application security to deploy AWS WAF are exactly the ones experiencing fraud attempts at scale. They need both perimeter defense and transaction-level fraud detection. The strong correlation with Criteo suggests these companies are spending heavily on performance marketing and retargeting, which means they're likely in competitive markets where customer acquisition costs matter. Amazon SES appearing 24 times more frequently indicates they're sending transactional emails at volume, think order confirmations, shipping notifications, and account security alerts. This reinforces the e-commerce profile.

The full stack reveals these are product-led or product-and-marketing hybrid companies at growth stage or mature scale. They've moved beyond basic infrastructure and are investing in specialized tools for fraud prevention, feature flagging with Harness, and sophisticated marketing attribution. The Atlassian Cloud correlation suggests distributed engineering teams that need collaboration tools, pointing to companies with 50 plus employees who've professionalized their operations. These aren't early startups on shoestring budgets.

Alternatives and Competitors to AWS WAF

Explore vendors that are alternatives in this category

HumanSecurity HumanSecurity Oracle WAF Oracle WAF Spur Spur Indusface Indusface Cloudflare WAF Cloudflare WAF TollBit TollBit F5 Distributed Cloud F5 Distributed Cloud Cloudflare Enterprise Cloudflare Enterprise Cloudflare Turnstile Cloudflare Turnstile Akamai Bot Manager Akamai Bot Manager HAProxy HAProxy PerimeterX PerimeterX Google Cloud Load Balancer Google Cloud Load Balancer Barracuda WAF Barracuda WAF Imperva Imperva AWS Application Load Balancer AWS Application Load Balancer AWS WAF AWS WAF Imperva WAF Imperva WAF AWS Application Load Balancer for Backend Services AWS Application Load Balancer for Backend Services Radware Cloud WAF Radware Cloud WAF F5 BIG IP F5 BIG IP Azure Application Gateway Azure Application Gateway Netscaler Netscaler

Loading data...