Cyber Security Cloud Managed Rules for AWS WAF
Overview
Cyber Security Cloud WAF Managed Rules provide rulesets that are designed to mitigate and minimize vulnerabilities, including all those on OWASP Top 10 Web-Application Threats list, OWASP API Security Top 10 Threats list and OWASP Serverless Top 10 Threats list. These rulesets are regularly updated to include the latest threat alerts by using Cyber Threat Intelligence.
By using this ruleset, you can satisfy the security requirements for web applications to comply with security standards such as PCI-DSS.
For AWS WAF Classic:
- Cyber Security Cloud Managed Rules for AWS WAF Classic -OWASP Set-
- Previous Product Name: Cyber Security Cloud Managed Rules for AWS WAF -HighSecurity OWASP Set-
For new AWS WAF:
- Cyber Security Cloud Managed Rules for AWS WAF -HighSecurity OWASP Set-
- Cyber Security Cloud Managed Rules for AWS WAF -API Gateway/Serverless-
Cyber Security Cloud Managed Rules for AWS WAF Classic -OWASP Set-
This ruleset is for AWS WAF Classic.
With the OWASP Set, you can start protecting your web applications right away with a low false-positive rate and a higher defense capability.
Included are a lot of managed rules targeting common vulnerabilities such as code injection techniques (SQLi, NoSQLi, OScommandi, etc), XSS, directory traversal and known exploits involving web-applications using technologies such as Apache Struts2/ Apache Tomcat/ Oracle WebLogic/ WordPress/ Drupal/ Joomla! and Malicious Bots rulesets.
Highlight :
Minimizes OWASP Top 10 Web Application threats
Can build a more secure environment immediately
Designed to have more than enough defense capability to protect your web applications, with a low false-positive rate
NOTE :Cyber Security Cloud recommends that when installing this ruleset for the first time, place the ruleset in Count mode.
Cyber Security Cloud Managed Rules for AWS WAF -HighSecurity OWASP Set-
This ruleset is for new AWS WAF.
With the HighSecurity OWASP Set, you can start protecting your web applications right away with a low false-positive rate and a higher defense capability.
Included are a lot of managed rules targeting common vulnerabilities such as code injection techniques (SQLi, NoSQLi, OScommandi, etc), XSS, directory traversal and known exploits involving web-applications using technologies such as Apache Struts2/ Apache Tomcat/ Oracle WebLogic/ WordPress/ Drupal/ Joomla! and Malicious Bots rulesets.
Highlight :
Minimizes OWASP Top 10 Web Application threats
Can build a more secure environment immediately
Designed to have more than enough defense capability to protect your web applications, with a low false-positive rate
NOTE :Cyber Security Cloud recommends that when installing this ruleset for the first time, place the ruleset in Count mode.
Cyber Security Cloud Managed Rules for AWS WAF -API Gateway/Serverless-
This ruleset is for new AWS WAF.
With the API Gateway/Serverless ruleset, you can start protecting your Amazon API Gateway and Serverless environment right away with a low false-positive rate and a higher defense capability.
Included are a lot of managed rules targeting common vulnerabilities such as code injection techniques (SQLi, NoSQLi, OScommandi, etc), XML External Entity attacks, Server Side Request Forgery, XSS, directory traversal and Malicious Bots rulesets.
Highlight :
Can build a more secure API Gateway and Serverless environment immediately
Designed to have the defense capability needed to protect your API Gateway and Serverless, with a low false-positive rate
Minimizes OWASP API Security/Serverless Top 10 threats
NOTE :Cyber Security Cloud recommends that when installing this ruleset for the first time, place the ruleset in Count mode.