An application firewall is a network security device used to control input and output to and from an application or service. An application firewall may operate by monitoring and potentially blocking input, output, and/or system service calls that do not meet a configured policy of the application firewall. An application firewall may be deployed within a computing service environment to protect applications and services executing within the computing service environment from exploits that could affect application availability, compromise security, or consume excessive resources. Computing service customers may be provided some measure of control over which network traffic to allow or block to the customer's applications by allowing the customers to define customizable security rules. For example, a customer may create custom security rules that block common attack patterns, such as SQL injections or cross-site scripting.