Posted On: Aug 24, 2022

AWS WAF Fraud Control - Account Takeover Prevention now supports Amazon CloudFront. AWS WAF Fraud Control - Account Takeover Prevention protects your application’s login page against credential stuffing attacks, brute force attempts, and other anomalous login activities. Account Takeover Prevention enables you to proactively stop account takeover attempts at the network edge. With Account Takeover Prevention, you can prevent unauthorized access that may lead to fraudulent activities, or you can inform affected users so that they can take preventative action.

Account Takeover Prevention is offered through AWS Managed Rules. Once added to your AWS WAF web ACL, it compares the usernames and passwords submitted to your application against credentials that have been compromised elsewhere on the web. It also watches for anomalous login attempts from bad actors by correlating requests seen over time, so it can detect and mitigate irregular login patterns, brute force attempts, and credential stuffing. Account Takeover Prevention is scoped down by default to act on your login page only. With optional JavaScript and iOS/Android SDK integrations, you can receive additional telemetry about the devices attempting to log in, which helps protect your application against automated login attempts by bots. Account Takeover Prevention can also be used together with AWS WAF Bot Control and AWS Managed Rules to create a comprehensive defense layer against bots targeting your application.

AWS WAF Fraud Control - Account Takeover Prevention is available in all commercial AWS Regions (except the Asia Pacific (Jakarta) Region) and the AWS GovCloud (US) Regions and, with this launch, can now be used to protect Amazon CloudFront resources.

To get started, simply navigate to the AWS WAF console and create a new web ACL, or select an existing web ACL. Follow the wizard to choose an AWS resource to protect. Choose Account Takeover Prevention from the list of managed rule groups. Enter the URL of your application’s login page and indicate where the username and password form fields are located within the body of HTTP requests to log in.
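The same setup expressed as a WAFv2 create_web_acl request for a CloudFront distribution, as an added example that is not AWS's own code: the key names follow the WAFv2 API (ManagedRuleGroupStatement, ManagedRuleGroupConfigs, AWSManagedRulesATPRuleSet), while the login path and credential field identifiers are constructed values for a hypothetical JSON login API. It assumes, as the WAFv2 API documents, that JSON payloads identify fields by JSON pointer and form-encoded payloads by plain field name, and checks that before the request is built.

```python
import json


def _check_identifier(payload_type, name, identifier):
    """JSON bodies need a JSON pointer ('/username'); form-encoded bodies need the plain field name."""
    if payload_type == "JSON" and not identifier.startswith("/"):
        raise ValueError(f"{name}: JSON payload needs a JSON pointer such as '/username'")
    if payload_type == "FORM_ENCODED" and identifier.startswith("/"):
        raise ValueError(f"{name}: form-encoded payload needs a plain field name such as 'username'")


def build_atp_web_acl(acl_name, login_path, payload_type, username_field, password_field):
    """Return the create_web_acl() request for a CloudFront-scoped web ACL whose only rule
    is the ATP managed rule group, told where the login page and credential fields are."""
    if payload_type not in ("JSON", "FORM_ENCODED"):
        raise ValueError("payload_type must be JSON or FORM_ENCODED")
    if not login_path.startswith("/"):
        raise ValueError("login_path is the path of the login endpoint, e.g. '/login'")
    _check_identifier(payload_type, "username_field", username_field)
    _check_identifier(payload_type, "password_field", password_field)
    metrics = {"SampledRequestsEnabled": True, "CloudWatchMetricsEnabled": True}
    atp_rule = {
        "Name": "AWS-AWSManagedRulesATPRuleSet",
        "Priority": 0,
        "Statement": {"ManagedRuleGroupStatement": {
            "VendorName": "AWS",
            "Name": "AWSManagedRulesATPRuleSet",
            "ManagedRuleGroupConfigs": [{"AWSManagedRulesATPRuleSet": {
                "LoginPath": login_path,  # ATP inspects only requests to this path
                "RequestInspection": {
                    "PayloadType": payload_type,
                    "UsernameField": {"Identifier": username_field},
                    "PasswordField": {"Identifier": password_field},
                },
            }}],
        }},
        "OverrideAction": {"None": {}},  # keep the rule group's own actions (block/challenge)
        "VisibilityConfig": {**metrics, "MetricName": "ATPRuleSet"},
    }
    return {
        "Name": acl_name,
        "Scope": "CLOUDFRONT",  # CloudFront web ACLs are managed in us-east-1
        "DefaultAction": {"Allow": {}},
        "Rules": [atp_rule],
        "VisibilityConfig": {**metrics, "MetricName": acl_name},
    }


if __name__ == "__main__":
    # Constructed sample: JSON login API at /api/login with a {"user": ..., "pass": ...} body
    print(json.dumps(build_atp_web_acl("login-atp", "/api/login", "JSON", "/user", "/pass"), indent=2))
```

The returned dict can be passed as keyword arguments to boto3's wafv2 create_web_acl in us-east-1, or saved as JSON for the CLI's --cli-input-json.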

Visit the AWS WAF pricing page for information about Account Takeover Prevention fees. To learn more, please see the AWS WAF website and the AWS WAF developer guide.