A Cloud Above  SM Expertly Crafted Cloud Solutions That Mean Business.

Get better security for your web applications

Our managed WAF service provides centralized protection of your web applications from common exploits and vulnerabilities such as SQL injection and cross-site scripting.

Based on Core Rule Sets (CRS) from the Open Web Application Security Project (OWASP), the WAF automatically updates to include protection against new vulnerabilities, with no additional configuration needed.


  • SQL-injection protection.
  • Cross-site scripting protection.
  • Protection against other common web attacks, such as command injection, HTTP request smuggling, HTTP response splitting, and remote file inclusion.
  • Protection against HTTP protocol violations.
  • Protection against HTTP protocol anomalies, such as missing host user-agent and accept headers.
  • Protection against crawlers and scanners.
  • Detection of common application misconfigurations (for example, Apache and IIS).
  • Configurable request size limits with lower and upper bounds.
  • Exclusion lists let you omit certain request attributes from a WAF evaluation. A common example is Active Directory-inserted tokens that are used for authentication or password fields.
  • Create custom rules to suit the specific needs of your applications.
  • Geo-filter traffic to allow or block certain countries/regions from gaining access to your applications.
  • Protect your applications from bots with the bot mitigation ruleset.
  • Inspect JSON and XML in the request body

Trust your cloud

Get security from the ground up, backed by a team of experts, and proactive compliance trusted by enterprises, governments, and startups.

Operate hybrid seamlessly

On-premises, across multiple clouds, and at the edge — we'll meet you where you are. Integrate and manage your environments with tools and services designed for hybrid cloud.

Build on your terms

You have choices. With a commitment to open source, and support for all languages and frameworks, build how you want, and deploy where you want to.

Be future-ready

Continuous innovation from Microsoft supports your development today, and your product visions for tomorrow.

Solid Security

Microsoft invests more than USD 1 billion annually on cybersecurity research and development.

Azure PostGreSql
Microsoft employs more than 3,500 security experts who are dedicated to data security and privacy.

Azure PostGreSql
Azure has more certifications than any other cloud provider. SOC2, PCI, ISO, SSAE and more.

Azure PostGreSql

60 Regions, 160 DataCenters