What self-hosted WAF products have the fastest deployment times?

When a web application goes live, one of the earliest security questions developers and DevOps teams ask is: How quickly can we stand up a Web Application Firewall (WAF) that actually protects traffic? This hands-on comparison is based on real installations and basic attack tests of several self-hosted WAFs, with a focus on time to first effective protection, not marketing promises. Test Environment All WAFs were installed and tested under the same conditions: OS: Ubuntu 22.04 LTS CPU: 4 vCPUs Memory: 8 GB RAM Runtime: Docker 24.x (where applicable) Proxy: NGINX Goal: Block basic SQLi / XSS with minimal configuration 1. SafeLine WAF (Docker-based) Deployment model: Docker / Docker Compose Time to first protection: ~15 minutes Installation Experience mkdir -p "/data/safeline" && cd "/data/safeline" wget https://waf.chaitin.com/release/latest/compose.yaml docker compose up -d The management UI becomes available at: ht