.png.6dd3056f38e93712a18d153891e8e0fc.png.1dbd1e5f05de09e66333e631e3342b83.png.933f4dc78ef5a5d2971934bd41ead8a1.png)
Search the Community
Showing results for tags 'waf'.
Found 8 results
-
AWS WAF now supports JA3 match, enabling customers to inspect incoming requests’ JA3 fingerprints. Customers can use the JA3 match to implement custom logic to block malicious clients or allow requests from expected clients only. View the full article -
You can now enable AWS WAF protections for Amazon Cognito, making it even easier to protect Amazon Cognito user pools and hosted UI from common web exploits. View the full article
-
AWS WAF now supports setting sensitivity levels for SQL injection (SQLi) rule statements, giving you greater control over how AWS WAF evaluates requests to your applications for SQLi attacks. View the full article
-
AWS WAF Captcha is now available for all customers. AWS WAF Captcha helps block unwanted bot traffic by requiring users to successfully complete challenges before their web request are allowed to reach AWS WAF protected resources. You can configure AWS WAF rules to require WAF Captcha challenges to be solved for specific resources that are frequently targeted by bots such as login, search, and form submissions. You can also require WAF Captcha challenges for suspicious requests based on the rate, attributes, or labels generated from AWS Managed Rules, such as AWS WAF Bot Control or the Amazon IP Reputation list. WAF Captcha challenges are simple for humans while remaining effective against bots. WAF Captcha includes an audio version and is designed to meet WCAG accessibility requirements. View the full article
-
AWS WAF now supports evaluating multiple headers in the HTTP request, without the need to specify each header individually in AWS WAF rules. You can also use this new capability to easily inspect all cookies in the HTTP request, without the need to specify each cookie in WAF rules. This capability helps you protect your applications or API endpoints from attacks that try to exploit a custom header or cookie, or a common header for which you may not have created a WAF rule. You can also limit the scope of inspection to only included or excluded headers, and inspect only the keys or only the values for the headers or cookies you want to inspect. View the full article
-
We’re excited to announce the launch of the AWS Centralized WAF and VPC Security Group Management solution, a reference implementation that makes it easier to centrally configure, manage, and audit firewall rules across your accounts and applications in AWS Organizations. The solution uses AWS Firewall Manager to automatically deploy a set of Managed Rules for AWS Web Application Firewall (WAF) and audit checks for VPC security groups across all your AWS accounts from a single place. The solution also gives Shield Advanced customers the option to deploy DDoS protections across accounts. View the full article
-
AWS WAF can now natively parse request body JSON content, allowing you to inspect specific keys or values of the JSON content with AWS WAF rules. This capability helps you protect your APIs by checking for valid JSON structure, inspecting the JSON content for common threats against your application, and reducing false positives by inspecting only the keys or values in the JSON content. View the full article
-
AWS Transfer Family customers using Amazon API Gateway to integrate their own identity management systems to authenticate end users can now use AWS Web Application Firewall (WAF) to easily apply additional layers of access controls. You can also protect your file transfer endpoints against exploits such as bots and port scanners. View the full article
-
Forum Statistics
43.3k
Total Topics42.7k
Total Posts