Web application and API Protection (WAAP) is a term coined by Gartner as a replacement for WAFs. WAAP services protect modern web applications and APIs from a variety of attacks. WAAP services include NG-WAF and other capabilities like DDoS and malicious bot detection. WAAP aims to meet the security needs of modern, API and microservice-based web applications.