Cloud-based WAF (web application firewall) service is a WAF solution based on the cloud. It resolves domain names, uses the DNS scheduling technology to direct, filter, and monitor traffic from Internet, and protects users' applications from malicious attacks and web vulnerabilities. Cloud-based WAF inherits the core hardware/software features of traditional WAF, and integrates with cloud-native capabilities, big data analysis and AI. Its core value lies in clone protection and real-time update of virtualization patches, capable of establishing a dynamic and scalable web application security system. Cloud-based WAF takes up an important market segment in the field of cloud security for which the segment size keeps growing with the continuous expansion of the cloud computing market itself. As many businesses migrate their infrastructure and data to the cloud, they will shift to cloud-based WAF service for an easy-to-deploy, always-on, and scalable solution which can meet the ever-higher network security requirements. Companies that are able to provide both on-premises and cloud-based deployment options will be in a better position to grow.