How to Tailor AWS Managed Rules for AWS WAF
AWS Managed Rules for AWS WAF offers a set of pre-defined rules designed to shield your applications from prevalent vulnerabilities and unauthorized access without the need to create custom rules. The AWS Threat Research Team regularly updates these Managed Rules to adapt to the constantly evolving threat environment to ensure your assets remain secure. For further insights, check out this related blog post that dives deeper into AWS’s security measures.
The Three Essential AWS WAF Rate-Based Rules
by Maria Lopez, David King, and Emma White
on 22 JUL 2021
in Advanced (300), Amazon Athena, AWS WAF, Security, Identity, & Compliance
As of May 5, 2025, the minimum rate limit setting in AWS WAF rate-based rules has been adjusted from 100 requests to 10. In this article, we outline the three critical AWS WAF rate-based rules that proactively defend your web applications against common HTTP flood incidents. For expert analysis on this topic, you can explore this authority’s resource.
Automatically Refresh AWS WAF IP Sets with AWS IP Ranges
by Lisa Hartman, Matthew Young, and Rachel Adams
on 08 JUL 2021
in Advanced (300), AWS Shield, AWS WAF, Security, Identity, & Compliance
This blog details how to automate the updating of AWS WAF IP sets with the latest AWS IP ranges. For more information on a similar process involving Amazon CloudFront IP ranges utilized in VPC Security Groups, refer to this excellent resource.
AWS Shield Threat Landscape Overview: 2020 Summary
by Chris Johnson
on 20 MAY 2021
in AWS Shield, Foundational (100), Security, Identity, & Compliance
AWS Shield is a managed protection service that secures applications operating on AWS from external threats, including bots and DDoS attacks. It identifies network and web application-layer volumetric events that may signify a DDoS attack or unauthorized traffic, enhancing your security posture.
Enhancing DDoS Resilience of Your Self-Managed DNS Using AWS Global Accelerator and AWS Shield Advanced
by Alex Martinez
on 08 DEC 2020
in Advanced (300), AWS Global Accelerator, AWS Shield, Security, Identity, & Compliance
In this blog, we discuss how to bolster the DDoS resilience of your self-managed DNS service by leveraging AWS Global Accelerator and AWS Shield Advanced. By implementing these services, you can adopt some of the protective strategies employed by Amazon Route 53 against DDoS threats.
Centralized Monitoring for DDoS Events and Auto-Remediation of Noncompliant Resources
by Natalie Brooks
on 19 NOV 2020
in AWS Firewall Manager, AWS Shield, Intermediate (200), Security, Identity, & Compliance
When developing applications on AWS, it’s a standard security practice to separate production from non-production resources through logical grouping. This approach simplifies the implementation of the principle of least privilege and minimizes the scope of potential security breaches.
Implementing Defense in Depth Using AWS Managed Rules for AWS WAF (Part 2)
by Henry Wu
on 02 SEP 2020
in AWS WAF, Intermediate (200), Security, Identity, & Compliance
This post elaborates on utilizing recent advancements in AWS WAF to manage a comprehensive web application security policy. These updates facilitate the maintenance and deployment of web application firewall configurations across various stages and application types.
Defense in Depth Using AWS Managed Rules for AWS WAF (Part 1)
by Henry Wu
on 02 SEP 2020
in AWS WAF, Intermediate (200), Security, Identity, & Compliance
In this first part of our two-part series, we examine how AWS WAF’s recent enhancements can help in managing a multi-layer web application security enforcement policy.
AWS Shield Threat Landscape Report Now Available
by Chris Johnson
on 29 MAY 2020
in AWS Shield, Foundational (100), Security, Identity, & Compliance
AWS Shield is a managed threat protection service that safeguards applications running on AWS from exploitation of vulnerabilities, malicious bots, and DDoS attacks. The AWS Shield Threat Landscape Report provides an overview of threats detected by AWS Shield, curated by the AWS Threat Research Team.
Leave a Reply