Note

Applicable rules:
Cyber Security Cloud Managed Rules for AWS WAF -HighSecurity OWASP Set-
Cyber Security Cloud Managed Rules for AWS WAF -API Gateway/Serverless-

In the managed rules listed above, Continue is selected for the oversize handling instructions of rules that inspect Body and JSON Body.
This means that the rules will inspect the first 8KB (8,192 bytes) of the request, but the rest of the strings that exceed the limit will be excluded from the inspection without taking actions Count/Block, allowing the request to pass the rules.
Therefore, if you would like to block a request that may include attacks after the first 8KB (8,192 bytes), you will need to create a rule that will block any HTTP request that exceeds 8 KB (8,192 bytes).

Oversize handling for request components

How to subscribe

You can purchase Cyber Security Cloud Managed Rules in the AWS Marketplace.

1. Sign in to the AWS Management Console.
2. In the navigation pane, choose Marketplace.
3. From the Marketplace list, search for the Cyber Security Cloud Managed Rules.
4. If you want to subscribe to the ruleset, choose Continue.

How to deploy

After you subscribe to Cyber Security Cloud Managed Rules, add the ruleset to your AWS WAF settings.

1. Sign in to the AWS Management Console.
2. In the navigation pane, choose AWS WAF.
3. Create a new Web ACL.
4. In the Rules section, select the Cyber Security Cloud ruleset that you subscribed to.
5. You’re done.

How to subscribe to CSC Managed Rule’s notifications

1. Sign in to the AWS Management Console.
2. In the navigation pane, choose Amazon SNS (Simple Notification Service) .
3. In the left navigation pane, choose Subscriptions.
4. For Topic ARN, Enter "arn:aws:sns:us-east-1:343255486711:CyberSecurityCloud-ManagedRule" as CSC Managed Rules SNS topic arn.
5. You’ve completed the subscription procedure.