The worldwide marketplace for the web application firewall industry is forecast to be worth more than $1bn by the turn of the next decade, according to new analysis by an American market research firm. Frost & Sullivan’s latest Market Analysis Forecast of the Global Web Application Firewall Market to 2021 indicates probable market growth that is estimated to equate to 13.7 per cent compound annual growth between 2016-2021, as a growing number of online threats and increased competition push forward innovation throughout the sector.


Businesses operating online are increasingly having to protect their web applications from the clutches of cyber-attackers and as technology continues to evolve, offenders will continue to move the goalposts and attempt to find weaknesses in online infrastructures. Frost & Sullivan confirmed in their press release that, today, web apps have become essential technologies utilised daily by online companies to interact with stakeholders such as existing and potential consumers, employees and industry partners.

What is a web application firewall?

In today’s fast-moving online world, the effective management and surveillance of web applications is a demanding, full-time job. A web application firewall can take some of the responsibility off the hands of time-constrained professionals to allow them to focus on doing what they do best, safe in the knowledge that their data is guarded against all kinds of application layer attacks — including the OWASP top 10 and even zero-day threats — also minimizing service disturbances for legitimate website visitors.

This type of protection is becoming increasingly important for e-commerce sites, as PCI-DSS compliance is now a legal requirement for any business which accepts and processes credit card information. Choosing a web app firewall that is PCI-DSS certified is therefore an essential requirement to safeguard the data not only of businesses themselves but their community of customers too.

Chris Rodriguez, network security senior industry analyst at Frost & Sullivan, believes the rapid development of emerging trends such as mobile technology and the Internet of Things (IoT), in addition to ever-evolving cyber-hacking threats, is halting web application firewall technology from being commoditized quicker.

‘Web technologies are changing rapidly to support the global digital transformation trend, including proliferation of mobile devices, the Internet of Things and cloud computing. This rapid rate of change can present challenges for traditional web application firewall solutions’, said Rodriguez.

Subsequently, Frost & Sullivan believes tightening industry and government controls on web application security will require firewall vendors to innovate further and enhance their enterprise products by incorporating notable tools like bot detection, controlled technology and API security into the mix.

The firm believes web app firewall developers should consider the following five key points to foster increased adoption in such a fast-moving environment:

  1. Integrate more closely with tools supported for DAST and SAST to maintain the application development lifecycle
  2. Utilize complementary tech e.g., SIEMs to acknowledge important security events and encourage APT and threat hunting
  3. Guard applications within cloud environments — both private and public — with consistent policies
  4. Tackle head-on the emerging technological developments e.g., IoT and the risks it poses
  5. Design and assimilate security solutions for fast-moving industries e.g., manufacturing

As for companies which utilize web apps, a web application firewall is an absolutely necessary tool to protect sensitive company and user data, as well as ensure services are up and running at all times.