Managed Rules for AWS Web Application Firewall (WAF) are a set of rules written, curated and managed by AWS Marketplace Sellers that can be easily deployed in front of your web applications running on AWS Application Load Balancers or Amazon CloudFront. With these managed rules, you can quickly get started and protect your web application or APIs against common threats like the OWASP Top 10 security risks, threats specific to Content Management Systems (CMS) like WordPress or Joomla, or even emerging Common Vulnerabilities and Exposures (CVE) without having to manage infrastructure. AWS security sellers will automatically update the managed rules for you as new vulnerabilities and bad actors emerge. Managed Rules for AWS WAF are designed to help you spend less time writing firewall rules and more time building applications.

Managed Rules for AWS WAF
Get Started With AWS WAF

Managed Rules are written by security experts who have extensive and up-to-date knowledge of threats and vulnerabilities. Rules are written based on threats observed across many customers. AWS WAF Managed Rules are automatically updated by AWS Sellers as new vulnerabilities and bad actors emerge. Managed Rules sellers create rules using a combination of security engineers on staff, automated traffic analysis and threat intelligence databases.

Managed Rules for AWS WAF give you a set of pre-configured rules written and managed by AWS Marketplace Sellers, allowing you to quickly get started with AWS WAF rules for your application. You can simply subscribe to Managed Rules via the AWS Marketplace and then use the AWS WAF console to specify which resources to protect. All rules are deployed on the AWS WAF managed infrastructure.

With Managed Rules you get a wide selection of protections from security experts and AWS Marketplace Sellers. You can choose from a variety of widely applicable protections like IP reputation lists and OWASP Top 10 protections, or choose from platform-specific rules like WordPress or Joomla rules. With each Managed Rules product, you get access to unique expertise and proprietary analysis from these security sellers.

You can subscribe to Managed Rules with a few clicks and pay only for what you use, without having to sign up for any expensive professional services. Managed Rules are automatically updated, and there are no contracts or subscription commitments. Managed Rules are charged by the hour.


1

Go to AWS Marketplace or to the AWS WAF Console

2

Discover and subscribe to your Managed Rules

3

Associate the rules with your AWS WAF web ACL

Alert Logic

OWASP Top 10 Virtual Patches for WordPress protects against the last six months of exploitable WordPress core and WordPress plugin attacks. The rule group protects against 250 variations of known WordPress core and plugin vulnerabilities discovered by the Alert Logic Threat Intelligence team, giving you the coverage you need to protect your applications during critical times between when an exploit is published and when your organization can successfully apply a traditional patch. Use this managed rule group to help you achieve compliance against standards that use the OWASP Top 10 as a reference.

Learn More »

Trustwave

Protect against automated attacks. Bot Protections Rules is a partner managed rule group for AWS WAF that stops a broad range of malicious bots activities such as vulnerability scanners, web scrapers, DDoS tools, and forum spam tools.

Learn More »

Protect against web exploits. F5 Web Exploits OWASP Rules for AWS WAF, provides protection against web attacks that are part of the OWASP Top 10, such as: SQLi, XSS, command injection, No-SQLi injection, path traversal, and predictable resource.

Learn More »

Protect against common vulnerabilities and exposures (CVE). CVE Rules for AWS WAF provides protection for high profile CVEs targeting the following systems: Apache, Apache Struts, Bash, Elasticsearch, IIS, JBoss, JSP, Java, Joomla, MySQL, Node.js, PHP, PHPMyAdmin, Perl, Ruby On Rails, and WordPress.

Learn More »

Fortinet

Fortinet WAF RuleGroups are based on the FortiWeb web application firewall security service signatures, and are updated on a regular basis to include the latest threat information from FortiGuard Labs. The Complete OWASP Top 10 RuleGroup combines Fortinet’s other AWS WAF RuleGroups into one comprehensive package that includes the SQLi/XSS, General and Known Exploits, and Malicious Bots RuleGroups.

Learn more >>

Fortinet WAF RuleGroups are based on the FortiWeb web application firewall security service signatures, and are updated on a regular basis to include the latest threat information from FortiGuard Labs. The Malicious Bots RuleGroup analyzes requests and blocks known content scrapers, spiders looking for vulnerabilities, and other unwanted automated clients that OWASP has identified as risks to web applications. Please see our other RuleGroups for additional protections.

Learn more >>

Fortinet WAF RuleGroups are based on the FortiWeb web application firewall security service signatures, and are updated on a regular basis to include the latest threat information from FortiGuard Labs. The General and Known Exploits RuleGroup detects common and advanced OWASP Top 10 threats including numerous Injection attacks, URL Redirects, HTTP Response Splitting, Database Disclosure vulnerabilities and other Common Vulnerabilities and Exposures (CVEs). Please see our other RuleGroups for additional protections.

Learn more >>

Fortinet WAF RuleGroups are based on the FortiWeb web application firewall security service signatures, and are updated on a regular basis to include the latest threat information from FortiGuard Labs. The SQLi/XSS RuleGroup provides protection from the two primary web application attack types identified in the OWASP Top 10, SQL Injection and Cross-Site Scripting. Please see our other RuleGroups for additional protections.

Learn more >>

Imperva

Imperva's Managed Rules for WordPress Protection is an out-of-box solution to protect against vulnerabilities specific to WordPress, providing complex rules which are regularly updated and monitored for new and emerging threats. Imperva's research team updates this ruleset regularly for up and coming attacks, accounting for undiscovered threats so that you don't have to.

Learn more >>

Imperva's Managed Rules for IP Reputation allows you to take a proactive approach to security by providing an extensive IP whitelist/blacklist which is regularly monitored and updated. Imperva's reputation feed leverages crowd-sourcing from aggregated attack data to update its list with newly detected malicious sources.

Learn more >>

Trend Micro

Use this RuleGroup to protect WebServers including the Apache Suite (Apache Httpd, Apache Struts, Apache Tomcat) and Nginx from known vulnerabilities and to help meet PCI DSS requirements. Trend Microdelivers proactive global threat intelligence against zero-hour threats to help ensure that you are protected. Trend Micro integrates with key AWS Services and offers additional Amazon EC2 protection using Trend Micro Deep Security. Trend Micro’s Managed Rules for AWS WAF are designed to further augment the protection AWS WAF already offers for your applications and data in the cloud.

Learn more >>

Use this RuleGroup to protect common CMS and EMS including WordPress, Joomla and Drupal from known vulnerabilities and to help meet PCI DSS requirements. Trend Micro delivers proactive global threat intelligence against zero-hour threats to help ensure that you are protected. Trend Micro integrates with key AWS Services and offers EC2 protection using Deep Security for AWS. Trend Micro’s Managed Rules for AWS WAF are designed to further augment the protection AWS WAF already offers for your applications and data in the cloud.

Learn more >>

Trustwave

Select Trustwave SpiderLabs ModSecurity virtual patches to provide additional support for your web applications running AWS WAF. As the threat landscape evolves, Trustwave SpiderLabs will continue to provide new virtual patches. The virtual patches will allow you to reduce the development costs of your web applications by enabling you to prevent vulnerabilities from being exposed to the internet. Contains hundreds of virtual patches to protect technologies such as BigTree CMS, couponPHP CMS, and DotCMS.

Learn more >>

Select Trustwave SpiderLabs ModSecurity virtual patches to provide additional support for your web applications running AWS WAF. As the threat landscape evolves, Trustwave SpiderLabs will continue to provide new virtual patches. The virtual patches will allow you to reduce the development costs of your web applications by enabling you to prevent vulnerabilities from being exposed to the internet. Our Content Management System (CMS) virtual patches package, provides critical patches to protect your customers and your reputation. It contains hundreds of virtual patches to protect CMS platforms such as Drupal, Joomla, and WordPress.

Learn more >>