The core function of a web application firewall (WAF) is to safeguard web applications by filtering and monitoring HTTP traffic between a user and the application. The WAF inspects incoming requests to identify and block malicious activity, such as SQL injections, cross-site scripting, and other cyber threats. It acts as a security barrier to protect sensitive data and maintain application availability. Organizations use WAFs to enhance overall application security and ensure compliance with various regulatory standards.