AWS WAF

Web applications are very vulnerable to attacks and deploying your applications from the cloud can expose them to even greater risk. To help secure their cloud web apps, administrators will use a Web Application Firewall. We deployed all the applications and servers on the AWS cloud, so we need more security. That is why we are using the AWS Web Application Firewall. WAF provides a lot of features that will secure your applications. We have been using cloud services for the last 3 years and most of the services are running on AWS. In our condition we need a lot of security.

The WAF is being used by my department for our 2 main WEB portal protection as well as using it for Maintenance Window open/close.

AWS WAF is basically implemented to secure the web applications. I have a positive experience using the AWS Web Application Firewall (WAF). It has many features to protect our applications and solutions. The good thing about AWS WAF is it has the most friendly APIs for developers to create firewall rules for the web application. That makes our applications secure.

We use AWS WAF in our whole organization to help us protect all workloads we deploy using AWS CloudFront and AWS API Gateway. The mail problems we cover are layer seven attacks, but we also create whitelists and blacklists to allow or deny specific traffic. We also use Managed Rules for AWS WAF, to quickly get started and protect our web application or APIs against common threats.

AWS WAF is a really useful software when implemented at the departmental level. It allows the infrastructure of the applications that are being executed to be protected in a very simple way since the user can establish rules to stop the vulnerabilities that can cause a malfunction in such applications. This is why we have decided to implement it in the business applications development department to dismiss these vulnerabilities and thus be able to concentrate on the development of applications without that concern.

We use AWS WAF in the Application Development department since it is useful to provide protection against the most common web attacks such as the injection of SQL code and site scripts, as well as to prevent these applications from consuming more resources than they should actually consume. For this, we develop custom rules that allow us to block such attacks and at the same time improve the visibility of web traffic.

We were using WAF to protect our web application from cyber attacks by filtering the requests access to our web app. We created various rules and access control lists for blocking all the unwanted threats like SQL injections.