Posted On: Apr 10, 2023
AWS Firewall Manager now supports AWS WAF Bot Control for Targeted Bots, AWS WAF Fraud Control - Account Takeover Prevention, AWS WAF Rules action overrides for managed rule groups, centralized AWS WAF logging directly to S3 buckets and new logging filters, and AWS WAF Captcha Configuration, Challenge configuration, and Token Domains.
With support for AWS WAF Bot Control for Targeted Bots, customers can easily enable and scale advanced bot detection techniques, such as browser interrogation, fingerprinting, and behavioral analysis to protect against targeted bot attacks. With support for AWS WAF Fraud Control - Account Takeover Prevention, customers can scale and protect their application’s login page against credential stuffing attacks, brute force attempts, and other anomalous login activities. This includes support for ATP managed rules that can inspect application request and response data and block login attempts based on customer-defined login failure conditions and support for ATP origin response. With support for AWS WAF rule action overrides, customers can create rule action overrides for managed rule groups. With support for AWS WAF Captcha Config, Challenge Config, and Token Domains, customers can allow Captcha and Challenge Config to specify WebACL level timeout on Captcha/Challenge actions. With this launch we’re adding one new optional destinations to allow customers send AWS WAF logs to an Amazon S3 bucket directly. In addition customers can use three additional rule action log filters - CAPTCHA, CHALLENGE, EXCLUDED AS COUNT.
To get started, see the AWS Firewall Manager documentation for more details and the AWS Region Table for the list of regions where AWS Firewall Manager is currently available. To learn more about AWS Firewall Manager, its features, and its pricing, visit the AWS Firewall Manager website.