Professional Security Services for AWS
The advantages of AWS WAF at a glance
Fast and flexible protection
Rolling out and updating AWS WAF rules takes less than a minute. In dangerous situations, this can quickly update the security of the entire environment. WAF supports a variety of rules that can inspect any part of the web request with minimal latency impact on incoming traffic. The rules can be defined individually and filter all parts of the web request, such as IP addresses, HTTP headers, HTTP body or URI strings. In this way, common attack patterns such as SQL injection or cross-site scripting can be blocked.
Individuality through configurable rules
Managed Rules for AWS WAF can be used to protect web application or APIs against common threats. You can choose from a variety of available rules, including those that address issues such as the Open Web Application Security Project's (OWASP) top 10 security risks, specific threats to content management systems (CMS), or new common vulnerabilities and exposures (CVE). Managed rules are automatically updated as new issues emerge.
Transparency and visibility
AWS WAF provides near real-time visibility into web traffic. With this knowledge, new rules or alerts can be created in Amazon CloudWatch. In addition, AWS WAF provides comprehensive logging by capturing the full header data of each web request examined for use in security automation, analytics, or audits.
Easy deployment and maintenance
AWS WAF is easy to deploy and protects applications deployed on either Amazon CloudFront as part of a CDN solution, the Application Load Balancer that pre-provision all your origin servers, or the Amazon API Gateway for APIs. No additional software provisioning, DNS configuration, SSL/TLS certificate management, or reverse proxy setup is required. With AWS Firewall Manager integration, rules can be centrally defined and managed and reused for all web applications to be protected.
Cost effective protection
With AWS WAF, you only get charged for what you actually use. AWS WAF offers a customizable self-service offering. Pricing is based on how many rules are deployed and how many web requests the web application receives. AWS WAF has no minimum fees and no upfront commitments.
DevOps style security
Each feature in AWS WAF can be configured using either the AWS WAF API or the AWS Management Console. This allows DevOps teams to define application-specific rules that increase web security during application development. In this way, web security can start at multiple points in the development process chain, for example, starting with the developer who writes the initial code, to the DevOps engineer who deploys the software, to the security administrators who enforce a set of rules across the enterprise.