diff --git a/pkg/output/stats/waf/waf.go b/pkg/output/stats/waf/waf.go
index a660ff7b1..7abe68cab 100644
--- a/pkg/output/stats/waf/waf.go
+++ b/pkg/output/stats/waf/waf.go
@@ -53,8 +53,12 @@ func NewWafDetector() *WafDetector {
 }
 
 func (d *WafDetector) DetectWAF(content string) (string, bool) {
+	if d == nil || d.regexCache == nil {
+		return "", false
+	}
+
 	for id, regex := range d.regexCache {
-		if regex.MatchString(content) {
+		if regex != nil && regex.MatchString(content) {
 			return id, true
 		}
 	}
diff --git a/pkg/output/stats/waf/waf_test.go b/pkg/output/stats/waf/waf_test.go
index 0698b3a42..f3b2b8683 100644
--- a/pkg/output/stats/waf/waf_test.go
+++ b/pkg/output/stats/waf/waf_test.go
@@ -1,6 +1,9 @@
 package waf
 
-import "testing"
+import (
+	"regexp"
+	"testing"
+)
 
 func TestWAFDetection(t *testing.T) {
 	detector := NewWafDetector()
@@ -58,3 +61,61 @@ func TestWAFDetection(t *testing.T) {
 		})
 	}
 }
+
+func TestWAFDetectionNilPointerSafety(t *testing.T) {
+	tests := []struct {
+		name     string
+		detector *WafDetector
+		content  string
+	}{
+		{
+			name:     "nil detector",
+			detector: nil,
+			content:  "test content",
+		},
+		{
+			name: "nil regexCache",
+			detector: &WafDetector{
+				wafs:       make(map[string]waf),
+				regexCache: nil,
+			},
+			content: "test content",
+		},
+		{
+			name: "regexCache with nil regex",
+			detector: &WafDetector{
+				wafs: make(map[string]waf),
+				regexCache: map[string]*regexp.Regexp{
+					"test": nil,
+				},
+			},
+			content: "test content",
+		},
+		{
+			name: "empty regexCache",
+			detector: &WafDetector{
+				wafs:       make(map[string]waf),
+				regexCache: make(map[string]*regexp.Regexp),
+			},
+			content: "test content",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			defer func() {
+				if r := recover(); r != nil {
+					t.Errorf("DetectWAF panicked with nil pointer: %v", r)
+				}
+			}()
+
+			waf, matched := tt.detector.DetectWAF(tt.content)
+			if matched {
+				t.Errorf("expected no match for nil pointer case, got match=true, waf=%s", waf)
+			}
+			if waf != "" {
+				t.Errorf("expected empty WAF string for nil pointer case, got waf=%s", waf)
+			}
+		})
+	}
+}