Networking & Content Delivery

Category: AWS WAF

How to manage AI Bots with AWS WAF and enhance security

The first web crawler was created in 1993 to measure the size of the web, and crawlers have now evolved into modern bots powered by agentic AI. Today’s internet is increasingly populated and dominated by automated AI bots that interact with applications to support AI-related tasks. We classified AI bots into three types: AI scrapers, […]

Introducing flat-rate pricing plans with no overages

Today, Amazon Web Services (AWS) is launching flat-rate pricing plans with no overages for website delivery and security. The pricing plans, available with Amazon CloudFront, combine global content delivery (CDN) with multiple AWS services and features into a monthly price with no overage charges, regardless of whether your website or application goes viral or faces […]

Configuring the AWS WAF Anti-DDoS managed rule group for your resources and clients

Users wanting to protect themselves from Layer 7 (HTTP) DDoS threats can use the AWS WAF L7 Anti-DDoS managed rule group to detect and mitigate DDoS events in single-digit seconds. The Anti-DDoS managed rule group has a default configuration that is appropriate for many applications and clients. However, there are clients that need special […]

Charting the life of an Amazon CloudFront request

Amazon CloudFront is a native AWS Content Delivery Network (CDN) service. CDNs provide web acceleration by using a worldwide network of edge locations closer to end-users, and caching content at the edge. However, CloudFront can do a lot more than that, with functionality at the edge to do geo-filtering, execute functions, perform AWS Web Application […]

Introducing new application layer (L7) DDoS protections for AWS WAF and AWS Shield Advanced customers

As the global threat landscape shifts and evolves, AWS services that help protect our customers from those threats also evolve to meet their needs. One type of threat that has changed considerably over the past few years is Distributed Denial of Service (DDoS). DDoS attacks have evolved from targeting lower network layers (Layers 3 and […]

Building your first AWS WAF web ACL to protect against evolving threats

Applications face a variety of security threats, such as distributed denial of service (DDoS) attacks, web application exploits like SQL injection and cross-site scripting (XSS), and bot traffic. In this post, to help protect your applications against these threats, we demonstrate how to build your first web access control list (web ACL) in AWS WAF. AWS […]

How Glovo is protecting their public APIs with a combination of AWS Edge Services

Modern applications often rely on public APIs to exchange information between trusted clients (such as mobile applications or web browsers) and services. Using a combination of Amazon Web Services (AWS) Edge Services (AWS WAF, AWS Shield Advanced, and Amazon CloudFront) allows Glovo to share how they protect their public-facing APIs from a variety of external […]

How to use AWS WAF Bot Control for Targeted Bots signals and mitigate evasive bots with adaptive user experience

The AWS WAF Bot Control rule group includes rules for detecting and managing bot threats. These threats range from easily identified common bots through to coordinated targeted bots that evade detection by operating across multiple hosts. Like any other security controls, Amazon Web Services (AWS) WAF Bot Control for Targeted Bots rules can also […]

Enhance your Security Posture and Reduce False Positives using Client JA3 Fingerprint and HTTP Header Order

Information security practitioners use internet protocol (IP) address-based security controls such as block lists and rate-based rules to block malicious traffic. However, blocking malicious traffic solely based on an IP address can unintentionally block legitimate users, resulting in false positives. This is because many users share an IP address behind a network address translation (NAT) […]

Demystifying AWS Data Transfer services to build secure and reliable applications

For cloud users, evaluating data transfer services can be complex, especially when the internal engineering that manages security and delivers high availability and low latency is often abstracted. We are starting a series of posts intended to demystify AWS Data Transfer services and to clarify exactly what Amazon Web Services (AWS) users get when they […]