AWS WAF is a web application firewall that helps protect your web applications against common web exploits that may affect availability, compromise security, or consume excessive resources. AWS WAF allows us to control how traffic reaches your applications by creating security rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that filter out specific traffic patterns you define. The implementation and rule configuration will be done by root360. A WAF can be associated to a AWS loadbalancer or a CDN (Amazon Cloudfront) endpoint.
Variants
Security Automations: pre-configured protective WAF rules designed to filter common web-based attacks, customizable
Managed Rules: curated WAF rules from Cyber Security Cloud, F5, Fortinet and others to address specific threats like the OWASP Top 10 security risks
