AWS Security Profile picture
Jul 14, 2022 8 tweets 5 min read Read on X
🛡️Get the current recommendations for implementing #AWSWAF to protect existing and new web applications 👇👇👇
1/Understand what type of threats your web applications may be facing. Web applications face different kinds of threats that #AWSWAF can help you mitigate, such as:

⮞DDoS Attacks
⮞Web application attacks
⮞Bots

go.aws/3IBdtco
2/Gather and define the requirements which will make this implementation successful for your business. Some common #AWSWAF requirements include:

⮞Protections
⮞Governance
⮞Logging

go.aws/3cjeE4s
3/Once requirements have been identified, an application can be chosen to deploy AWS WAF. For example, AWS recommends deploying WAF with #AmazonCloudFront for the best security posture. go.aws/3o00O9w
4/Deploy the application in a staging environment for validation. AWS recommends starting with the following setup:

⮞Add rules based on your defined requirement
⮞Enable rate-based rules to protect yourself against DDoS types of attack

go.aws/3aANgOT
5/Monitor your WAF implementation to have good visibility of what is being blocked by your web ACL. There are multiple monitoring options available with #AWSWAF. go.aws/3o4BeQE
6/Test & tune to mitigate false negatives and false positives. False negatives are attacks that were not caught by WAF and require hardened rules. False positives are legitimate requests considered by WAF wrongly as attacks and blocked as a consequence. go.aws/3nYTZ8i
7/All that's left is to do is deploy to production and regularly review & monitor your application! go.aws/3o8KtiJ 🎉

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with AWS Security

AWS Security Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @AWSSecurityInfo

Jan 31, 2023
The following 5 workshops simulate multiple security events. Brought to you by the AWS Customer Incident Response Team (CIRT) 👇
1/During the Unauthorized IAM Credential Use - Simulation and Detection
workshop, you will simulate the unauthorized use of IAM credentials by using a script invoked within #AWSCloudShellgo.aws/3XU6zG7
2/At the Ransomware on S3 – Security Event Simulation and Detection workshop, you will use an AWS CloudFormation template to replicate an environment with multiple IAM users and five #AmazonS3 buckets ⏩ go.aws/3HdX8Ky
Read 6 tweets
Dec 6, 2022
📣🧵#reInvent RECAP: Key Security Launches

Did you miss our big event in Las Vegas? Don't worry. We got you covered. Here's what's newly launched for all things security🔐

See below (in no particular order)⬇️
New for #AWSControlTower – Comprehensive Controls Management makes it easier for regulated customers to make AWS available for use by their developers. Use it to apply managed preventative, detective, and proactive controls to accounts

go.aws/3P9ChLV Image
#AmazonSecurityLake automatically centralizes security data from cloud, on-premises, and custom sources into a purpose-built data lake stored in your account. Automate your central management of security data

go.aws/3VTSR4O Image
Read 12 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(