Jump to content

Search the Community

Showing results for tags 'waf'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


LinkedIn Profile URL


About Me


Cloud Platforms


Cloud Experience


Development Experience


Current Role


Skills


Certifications


Favourite Tools


Interests

Found 9 results

  1. The perceptions of the API security market have really shifted since we started Impart Security three years ago. When we first started Impart, API security was a new market; there were many different opinions about what API security was, how to approach the problem, and what good API security looked like. I remember back in 2020, although most security teams I spoke with thought of API security as a critical part of their security program, those same teams also had very different views of what specific problems and urgent pain points needed to be addressed. In this post I’ll unpack the current state of the API security market, where it’s going, and how security teams should be implementing it with API-first runtime protection. The post Is API Security Just a Better WAF? | Impart Security appeared first on Security Boulevard. View the full article
  2. AWS WAF now supports JA3 match, enabling customers to inspect incoming requests’ JA3 fingerprints. Customers can use the JA3 match to implement custom logic to block malicious clients or allow requests from expected clients only. View the full article
  3. You can now enable AWS WAF protections for Amazon Cognito, making it even easier to protect Amazon Cognito user pools and hosted UI from common web exploits. View the full article
  4. AWS WAF now supports setting sensitivity levels for SQL injection (SQLi) rule statements, giving you greater control over how AWS WAF evaluates requests to your applications for SQLi attacks. View the full article
  5. AWS WAF Captcha is now available for all customers. AWS WAF Captcha helps block unwanted bot traffic by requiring users to successfully complete challenges before their web request are allowed to reach AWS WAF protected resources. You can configure AWS WAF rules to require WAF Captcha challenges to be solved for specific resources that are frequently targeted by bots such as login, search, and form submissions. You can also require WAF Captcha challenges for suspicious requests based on the rate, attributes, or labels generated from AWS Managed Rules, such as AWS WAF Bot Control or the Amazon IP Reputation list. WAF Captcha challenges are simple for humans while remaining effective against bots. WAF Captcha includes an audio version and is designed to meet WCAG accessibility requirements. View the full article
  6. AWS WAF now supports evaluating multiple headers in the HTTP request, without the need to specify each header individually in AWS WAF rules. You can also use this new capability to easily inspect all cookies in the HTTP request, without the need to specify each cookie in WAF rules. This capability helps you protect your applications or API endpoints from attacks that try to exploit a custom header or cookie, or a common header for which you may not have created a WAF rule. You can also limit the scope of inspection to only included or excluded headers, and inspect only the keys or only the values for the headers or cookies you want to inspect. View the full article
  7. We’re excited to announce the launch of the AWS Centralized WAF and VPC Security Group Management solution, a reference implementation that makes it easier to centrally configure, manage, and audit firewall rules across your accounts and applications in AWS Organizations. The solution uses AWS Firewall Manager to automatically deploy a set of Managed Rules for AWS Web Application Firewall (WAF) and audit checks for VPC security groups across all your AWS accounts from a single place. The solution also gives Shield Advanced customers the option to deploy DDoS protections across accounts. View the full article
  8. AWS WAF can now natively parse request body JSON content, allowing you to inspect specific keys or values of the JSON content with AWS WAF rules. This capability helps you protect your APIs by checking for valid JSON structure, inspecting the JSON content for common threats against your application, and reducing false positives by inspecting only the keys or values in the JSON content. View the full article
  9. AWS Transfer Family customers using Amazon API Gateway to integrate their own identity management systems to authenticate end users can now use AWS Web Application Firewall (WAF) to easily apply additional layers of access controls. You can also protect your file transfer endpoints against exploits such as bots and port scanners. View the full article
  • Forum Statistics

    67.4k
    Total Topics
    65.3k
    Total Posts
×
×
  • Create New...