Category: AWS WAF

A new week has begun. Last week, there was a lot of news related to AWS. I have compiled a few announcements you need to know. Let’s get started right away! Last Week’s Launches Let’s take a look at some launches from the last week that I want to remind you of: New Amazon EC2 […]

This post is part of our Week in Review series. Check back each week for a quick roundup of interesting news and announcements from AWS! It’s the beginning of a new week, and I’d like to start with a recap of the most significant AWS news from the previous 7 days. Last week was special […]

In 2016, we launched AWS Shield, a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS. AWS Shield provides always-on detection and automatic inline mitigations that minimize application downtime and latency without needing to contact AWS Support. There are two tiers of AWS Shield: Standard and Advanced. All AWS customers […]

According to research done by the AWS Shield Threat Research Team, up to 51% of traffic heading into typical web applications originates from scripts running on machines, also known as bots. A wide variety of bots – some wanted, some unwanted – are hitting your endpoints. Wanted bots are crawling your sites to index them […]

Building and deploying secure applications is critical work, and the threat landscape is always shifting. We’re constantly working to reduce the pain of maintaining a strong cloud security posture. Today we’re launching a new capability called AWS Managed Rules for AWS WAF that helps you protect your applications without needing to create or manage the […]

There’s often tension between distributed and centralized control, especially in larger organizations. While a distributed control model allows teams to move fast and to respond to specialized local needs, a central model can provide the right level of oversight for global initiatives and challenges that span all teams. We’ve seen this challenge arise first-hand when […]

Are you aware of the Open Web Application Security Project (OWASP) and the work that they do to improve the security of web applications? Among many other things, they publish a list of the 10 most critical application security flaws, known as the OWASP Top 10. The release candidate for the 2017 version contains a […]

AWS WAF (Web Application Firewall) helps to protect your application from many different types of application-layer attacks that involve requests that are malicious or malformed. As I showed you when I first wrote about this service (New – AWS WAF), you can define rules that match cross-site scripting, IP address, SQL injection, size, or content […]